274634cd33f2e3c90b11a332a4fb5878_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

274634cd33f2e3c90b11a332a4fb5878_JaffaCakes118
Size

265KB
MD5

274634cd33f2e3c90b11a332a4fb5878
SHA1

3f1b46693bc3a26c08e9df57775d7e18a16cc82d
SHA256

c7aee232e59c92818879fa8e9cc0d69348e051611f99ac48240f1d30dfb2dd31
SHA512

11679e2a470ce566a185504a9faae433e299156dd14ef3bfccb8dddf6cc1e351c2c8b879274484faaf69484b9bc037e943e9256010b2d6910339b54d5280c9db
SSDEEP

6144:/isV0P1tJ/Lrtq1xSjSNfUpMT1M0H9WJkSR1:70P1tJ/cxSmdUpCM0HKR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274634cd33f2e3c90b11a332a4fb5878_JaffaCakes118

Files

274634cd33f2e3c90b11a332a4fb5878_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c10e77409df5b1beda6776137c502ca9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
TlsFree
GetAtomNameA
CompareFileTime
GetStdHandle
GetVersion
LoadLibraryA
GlobalUnlock
CloseHandle
GetConsoleCP
GetACP
lstrlenA
FindAtomA
GetProfileIntA
GetTickCount
InterlockedExchange
HeapWalk
TlsGetValue
WaitForSingleObject
GetModuleHandleA
HeapReAlloc

user32

PostMessageA
CopyRect
ShowWindow
DispatchMessageA
CreateCaret
EqualRect
DialogBoxParamA
SetWindowPos
InflateRect
GetKeyboardLayout
GetMenu
PaintDesktop
MessageBoxA
GetMenuStringA
InsertMenuA
SubtractRect
EnableScrollBar
SetPropA
UpdateWindow
LoadIconA
ModifyMenuA
TranslateMessage
GetWindowTextA
GetDlgItem
DestroyMenu
GetScrollRange

msi

MsiEnumProductsA
MsiDoActionA
MsiEnumClientsA
MsiCloseHandle
MsiGetMode

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ