19e38943dc1808374c2fe2edde96af16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19e38943dc1808374c2fe2edde96af16_JaffaCakes118
Size

53KB
MD5

19e38943dc1808374c2fe2edde96af16
SHA1

6c9655fa25ba4e68c00285e640c13794712e18fe
SHA256

5421822d169aa81034e42df167788ba912038224510201373133bc500f1cd4a8
SHA512

73c24d95523e6136f08e17e5b7c9310f22f6eaa07b1a29ee792a41528ccc2318e1fe35bbd316196d55efea743c0a1d4f85653be733e2789752d445bfab969e0d
SSDEEP

1536:SEI2pnnNaNI9K4U737qFSNRlP6UAeTErR:GoNaNaK4xWP6UA5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e38943dc1808374c2fe2edde96af16_JaffaCakes118

Files

19e38943dc1808374c2fe2edde96af16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e5bf0b177f515a41f3e42addac6e583

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitCommEvent
TransactNamedPipe
HeapSize
lstrcatW
SetConsoleNumberOfCommandsW
GetDateFormatA
VerifyConsoleIoHandle
ConnectNamedPipe
OpenEventA
SetVolumeMountPointA
EnumLanguageGroupLocalesA
GetProcessHeap

user32

SendMessageTimeoutA
CascadeChildWindows
LoadCursorFromFileW
GetWindowWord
WinHelpA
GetWindowModuleFileNameA
IMPSetIMEW
SetWindowsHookExA
OpenDesktopW
CloseDesktop
CreateWindowStationA
IsClipboardFormatAvailable
RealGetWindowClassA
LoadAcceleratorsA
InvalidateRect
LoadIconW
SetClipboardData
DdeAbandonTransaction
UpdatePerUserSystemParameters

Sections

.code
Size: 9KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ