8379a9ab8ffb82c9965e56f7d55d8708_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8379a9ab8ffb82c9965e56f7d55d8708_JaffaCakes118
Size

293KB
MD5

8379a9ab8ffb82c9965e56f7d55d8708
SHA1

6765fea9669459817a80a790272d8f3456bd201a
SHA256

9677e636a182b66b80f66e9fc5a246e03c6af90ac1b72e5acf9ab18c5b93e847
SHA512

2f695c8bde5d32c9d124b86d51bdd015401c9d2e0cde6eac707018b4d9291b0caecbdd8daca05a8fd730e9adf6284b28e69dc80f80e02159984c74bb5dfbb3f6
SSDEEP

6144:eannlZZSk5qHXchRnlJB8xEKKngCE0LUZXlAaAum:RnnlIH8pf0AngCE0LEXlLAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8379a9ab8ffb82c9965e56f7d55d8708_JaffaCakes118

Files

8379a9ab8ffb82c9965e56f7d55d8708_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56a2c65ef7212da8aa36ab4c9150b77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
LoadLibraryA
InterlockedExchange
GetStdHandle
CloseHandle
GetModuleHandleA
GlobalUnlock
lstrlenA
GetVersion
FindAtomA
GetACP
TlsFree
GetConsoleCP
CompareFileTime
GetTickCount
GetProfileIntA
WaitForSingleObject
HeapReAlloc
VirtualProtect
TlsGetValue
HeapWalk

user32

InflateRect
TranslateMessage
CopyRect
GetWindowTextA
GetKeyboardLayout
GetMenu
LoadIconA
ModifyMenuA
EnableScrollBar
SetWindowPos
GetDlgItem
PostMessageA
MessageBoxA
DialogBoxParamA
InsertMenuA
GetScrollRange
PaintDesktop
SetPropA
SubtractRect
DestroyMenu
CreateCaret
ShowWindow
EqualRect
DispatchMessageA
UpdateWindow
GetMenuStringA
PostQuitMessage

msi

MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ