4cbebe7944387d0b26edbbaa7f3c6af2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cbebe7944387d0b26edbbaa7f3c6af2_JaffaCakes118
Size

290KB
MD5

4cbebe7944387d0b26edbbaa7f3c6af2
SHA1

e6ee16b272820eb0d325222a6bca6fc4d12a765f
SHA256

d7f0398e6eb3e52a8d21bdafa6291b95a92877e765baadd4d6d454cdf3e679aa
SHA512

774726b8b7cab2705c1d3417b17a7f4f8e66d009b4764a0fd203da256fe6b545d2d4bd53e6cf66cdd53c651dae9104059ad0a455d41e301f86dbeb472508c812
SSDEEP

6144:gL12Bxzv6KPqDvAA4T111IasXXMdwoshL5iv4rgDjNLXPCgXIR5L+wdr:6gxzv6KPqDcj1IjnV15iptL/Cgu5LH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cbebe7944387d0b26edbbaa7f3c6af2_JaffaCakes118

Files

4cbebe7944387d0b26edbbaa7f3c6af2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dae8342e47f2e3519f526570f8b7539

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
FindAtomA
VirtualProtect
GetVersion
InterlockedExchange
GetConsoleCP
GetModuleHandleA
CompareFileTime
GetAtomNameA
GetStdHandle
LoadLibraryA
CloseHandle
GetProfileIntA
HeapReAlloc
GlobalUnlock
TlsFree
GetTickCount
lstrlenA
HeapWalk
GetACP
TlsGetValue

user32

CreateCaret
UpdateWindow
DestroyMenu
CopyRect
PaintDesktop
LoadIconA
SetPropA
ModifyMenuA
GetKeyboardLayout
GetWindowTextA
GetScrollRange
TranslateMessage
SetWindowPos
DispatchMessageA
PostMessageA
EnableScrollBar
DialogBoxParamA
ShowWindow
SubtractRect
EqualRect
GetMenu
GetDlgItem
InsertMenuA
GetMenuStringA
InflateRect
MessageBoxA

msi

MsiEnumClientsA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ