72e1a90ae7f9061b549fc290af5abc48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72e1a90ae7f9061b549fc290af5abc48_JaffaCakes118
Size

717KB
MD5

72e1a90ae7f9061b549fc290af5abc48
SHA1

1be112f1e4ecb1bd57c8afa9b857c857b98b43f0
SHA256

c8ff42de4a11c66b19ea1e72176ddc4fa4a811afd5d47fe37594683c6446a711
SHA512

ad01701233022c02abcf3dd297c1df20b1b799b8d49e2b2a554a8a7362cedf55774f2aea864be8f9ccfaa9c39669b3fca3a18c5b9b583a5fac65ee255b7f59dc
SSDEEP

12288:n0XICdNLcDtf+8gyUh4schbecWNflC56yjT61HD7KzC0EVzduglFj6C:nknd6DjTaLchbeckflRyjTsEazdugh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e1a90ae7f9061b549fc290af5abc48_JaffaCakes118

Files

72e1a90ae7f9061b549fc290af5abc48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84718406536f2a2111409eb97924ee77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
GetTickCount
GetACP
GetModuleHandleA
LoadLibraryExA
GetAtomNameA
HeapReAlloc
GetConsoleCP
HeapWalk
CloseHandle
InterlockedExchange
SetEvent
GetVersion
GetProfileIntA
WaitForSingleObject
FindAtomA
lstrlenA
TlsFree
GlobalUnlock
VirtualProtect
CompareFileTime

user32

ModifyMenuA
GetMenu
GetMenuStringA
UpdateWindow
LoadIconA
CopyRect
PostMessageA
GetDlgItem
DispatchMessageA
DialogBoxParamA
SetPropA
SubtractRect
SetWindowPos
ShowWindow
PostQuitMessage
GetWindowTextA
GetKeyboardLayout
CreateCaret
InsertMenuA
GetWindowLongA
MessageBoxA
TranslateMessage
InflateRect
DestroyMenu
GetScrollRange
EqualRect
GetSubMenu
EnableScrollBar
PaintDesktop

msi

MsiDoActionA
MsiGetMode
MsiCloseHandle
MsiEnumClientsA
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ