33e368342df91d772771ac0a1bb6f6a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33e368342df91d772771ac0a1bb6f6a6_JaffaCakes118
Size

265KB
MD5

33e368342df91d772771ac0a1bb6f6a6
SHA1

fe5d26aa36902d71182b50c12af2e3367cee043d
SHA256

481b1ab1a7e820e6c26fcc0e719617de693e3489eb749cf943e724ede5a7e4cf
SHA512

0c5cbbb2abfba5ea5b25eb9af259395e5b96cea7c8989d0766a81ed0101f3cfd100f41d2be47fae3dd49ef29ae31de289ed19f073aed4ec763331d7c9cd9a230
SSDEEP

6144:/isf0P1tJ/Lrtq1xSjSNfUpMT1M0H9WJkSR1:x0P1tJ/cxSmdUpCM0HKR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33e368342df91d772771ac0a1bb6f6a6_JaffaCakes118

Files

33e368342df91d772771ac0a1bb6f6a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c10e77409df5b1beda6776137c502ca9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
TlsFree
GetAtomNameA
CompareFileTime
GetStdHandle
GetVersion
LoadLibraryA
GlobalUnlock
CloseHandle
GetConsoleCP
GetACP
lstrlenA
FindAtomA
GetProfileIntA
GetTickCount
InterlockedExchange
HeapWalk
TlsGetValue
WaitForSingleObject
GetModuleHandleA
HeapReAlloc

user32

PostMessageA
CopyRect
ShowWindow
DispatchMessageA
CreateCaret
EqualRect
DialogBoxParamA
SetWindowPos
InflateRect
GetKeyboardLayout
GetMenu
PaintDesktop
MessageBoxA
GetMenuStringA
InsertMenuA
SubtractRect
EnableScrollBar
SetPropA
UpdateWindow
LoadIconA
ModifyMenuA
TranslateMessage
GetWindowTextA
GetDlgItem
DestroyMenu
GetScrollRange

msi

MsiEnumProductsA
MsiDoActionA
MsiEnumClientsA
MsiCloseHandle
MsiGetMode

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ