95a9adb8536fc4c101fe8d36fa392a62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95a9adb8536fc4c101fe8d36fa392a62_JaffaCakes118
Size

637KB
MD5

95a9adb8536fc4c101fe8d36fa392a62
SHA1

9774921451c3f8e2ccc0ddda2a70c5373f42d364
SHA256

efc97092b68b5cc355f78812ca4f88f296a2c709fdcd93c25e8555cc56946e2b
SHA512

38389904444ff69244e6f5451ced45208999245ed6a2d76d1419f56f0610219c1a4947f2821c26635823b03fd64ed81d991aedb8a36d64e2537a8393c9e71c39
SSDEEP

12288:XR1+jSpEoRzUA4Usj5sWUznwnprl76IkNjfCJaqYYNwJAULO4ywEWYd0:BEjSpEoRzU3UEgwnpR76IkEaMNwJAJel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95a9adb8536fc4c101fe8d36fa392a62_JaffaCakes118

Files

95a9adb8536fc4c101fe8d36fa392a62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7e21ce72bc3fb275b79b419f650a78a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetTickCount
GetModuleHandleA
VirtualProtect
CompareFileTime
GetACP
TlsFree
GetStdHandle
GetConsoleCP
InterlockedExchange
HeapWalk
HeapReAlloc
FindAtomA
GetVersion
GetProfileIntA
GetAtomNameA
LoadLibraryA
WaitForSingleObject
CloseHandle
TlsGetValue
GlobalUnlock

user32

TranslateMessage
DestroyMenu
PostMessageA
DispatchMessageA
MessageBoxA
GetScrollRange
SubtractRect
CopyRect
GetWindowTextA
InsertMenuA
LoadIconA
CreateCaret
DialogBoxParamA
GetMenuStringA
EqualRect
InflateRect
SetWindowPos
ShowWindow
PaintDesktop
GetDlgItem
UpdateWindow
GetKeyboardLayout
PostQuitMessage
EnableScrollBar
GetMenu
SetPropA
ModifyMenuA

msi

MsiGetMode
MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiEnumProductsA

clbcatq

CoRegCleanup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ