956041caee1884f1625c75aa96ef9827_JaffaCakes118 | Triage

Sharing

General

Target

956041caee1884f1625c75aa96ef9827_JaffaCakes118
Size

294KB
MD5

956041caee1884f1625c75aa96ef9827
SHA1

fb02f25afaf3c33f0a2b763d1771756b4be1b939
SHA256

463572a4dd3f2329b4c5746abef5bde062deae2ab4d277b4d3963bac6e8384b8
SHA512

de101a5b82470b041e4e037d5d596d8d5ce908a21e632743d9467c58ae8fc3eeb0d16b8cb7a8c4cd406b0f33e01af2eb1d185d0d7e0f99d1b2b4febc5826d524
SSDEEP

6144:ePC1gueriIMdeA6Rlrcg2kn5iELiFEoJSRKhr:QC1gaDd4dn5iE2FEoJjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
956041caee1884f1625c75aa96ef9827_JaffaCakes118

Files

956041caee1884f1625c75aa96ef9827_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b4eb3d682b39da4daa0716d804b1bd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetAtomNameA
FindAtomA
HeapReAlloc
TlsFree
VirtualProtect
GetModuleHandleA
CloseHandle
GlobalUnlock
HeapWalk
GetProfileIntA
LoadLibraryA
TlsGetValue
GetACP
CompareFileTime
InterlockedExchange
WaitForSingleObject
lstrlenA
GetTickCount
GetConsoleCP
GetVersion

user32

DispatchMessageA
LoadIconA
DestroyMenu
ShowWindow
PostMessageA
PaintDesktop
SetWindowPos
InflateRect
CreateCaret
EnableScrollBar
PostQuitMessage
InsertMenuA
GetScrollRange
CopyRect
GetKeyboardLayout
TranslateMessage
UpdateWindow
ModifyMenuA
GetMenuStringA
SubtractRect
MessageBoxA
GetDlgItem
EqualRect
GetWindowTextA
SetPropA
DialogBoxParamA
GetMenu

msi

MsiCloseHandle
MsiEnumProductsA
MsiGetMode
MsiEnumClientsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ