27e6391fd3138c0c4031c35d5c809bd4_JaffaCakes118 | Triage

Sharing

General

Target

27e6391fd3138c0c4031c35d5c809bd4_JaffaCakes118
Size

392KB
MD5

27e6391fd3138c0c4031c35d5c809bd4
SHA1

867e46d37e8f1bff7fc3c5583834b42e87fe0566
SHA256

8287e3353bd7c0a747be8e50491628394a2a25b17a93d09de8dff24cc406439f
SHA512

ee4ab95dd49a2de4a6c77a1f915c4988ca1c6484fb5757fc1f11889db0e325019409693f034397acfef3b701b87b855589ad7b5eb05229954000ba8bb47b7dde
SSDEEP

6144:X+FxAgek1C3EpduJFYRjTuaJfrv/0wEfYC9TbyrMiMDeEic2U9uKZEWFH7:uFe6CFkZZVryf9RlDLiPUwKJb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e6391fd3138c0c4031c35d5c809bd4_JaffaCakes118

Files

27e6391fd3138c0c4031c35d5c809bd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89d1a4ed48f9eff9a7e8fdcb74d11952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
FindAtomA
GetLastError
WaitForSingleObject
GetACP
CloseHandle
LocalLock
GetConsoleAliasA
LocalFree
FreeEnvironmentStringsA
LocalUnlock
CreateFileA
IsDebuggerPresent
FindClose
GetCalendarInfoA
HeapCreate
TlsGetValue
CreateFileMappingA
GetModuleHandleA
LoadLibraryExA

user32

GetMessageA
SetFocus
CascadeWindows
DrawTextA
IsWindow
CreateDialogParamA
DispatchMessageA
GetIconInfo
CallWindowProcA
DefWindowProcA
GetDlgItem
DrawEdge
GetDC
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecEoid
ASN1BERDecCheck
ASN1BERDecBool
ASN1BEREncFlush

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ