67c2e02994b16f9a4f3b53630d27ae77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67c2e02994b16f9a4f3b53630d27ae77_JaffaCakes118
Size

305KB
MD5

67c2e02994b16f9a4f3b53630d27ae77
SHA1

0b803f0482e17b0d6f08f50c9a88f754c057fdd8
SHA256

76f55c15a9b8119a5f2eee6ad5d1cc920eec3836439c47ae5576dda0ad684b3a
SHA512

875a9853643d684885bf3949ef2ff02b4fbb36b6f714d4694b00529e548963624a3b908e085294b8ecb82cfe130a19ef1ab75ce5365fabced14e5a6bb8d44544
SSDEEP

6144:Hr6skYgkif08QdGcRvtU6LIFH6izXuVcycuyJRRP9dWX7Dsl7NvdDmQ:2Yg3fq26uairycuYRP9dWXfOTDmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67c2e02994b16f9a4f3b53630d27ae77_JaffaCakes118

Files

67c2e02994b16f9a4f3b53630d27ae77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b92b60256f97ae047cecff71cd336a30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
CloseHandle
InterlockedExchange
TlsGetValue
lstrlenA
GetProfileIntA
LoadLibraryA
FindAtomA
WaitForSingleObject
GetAtomNameA
CompareFileTime
GetTickCount
GetModuleHandleA
GetStdHandle
GetVersion
GetACP
VirtualProtect
GlobalUnlock
HeapReAlloc
GetConsoleCP
TlsFree

user32

GetDlgItem
CreateCaret
MessageBoxA
GetScrollRange
SetWindowPos
SetPropA
UpdateWindow
EnableScrollBar
PaintDesktop
GetMenuStringA
InsertMenuA
LoadIconA
SubtractRect
GetWindowTextA
TranslateMessage
PostMessageA
ModifyMenuA
GetKeyboardLayout
DestroyMenu
CopyRect
EqualRect
PostQuitMessage
InflateRect
DialogBoxParamA
GetMenu
DispatchMessageA
ShowWindow
GetSubMenu

msi

MsiCloseHandle
MsiDoActionA
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ