96d64a48bb838da93783a8995e943ac1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96d64a48bb838da93783a8995e943ac1_JaffaCakes118
Size

638KB
MD5

96d64a48bb838da93783a8995e943ac1
SHA1

a0fa18ee59d498fdf31c5df5f753fa3a94646a56
SHA256

cf8f39a3d476ce35af767c515661aeaf3a35c3ec352b741ba6f583f399c06cb0
SHA512

f4de61cff36024ac9117ce0d75fca7477a08a9615bdd52bf5c397bb9f3967f29680a05f07037afc821586d9f47c25a064a57daeb54cc8dbe096f3941f5511324
SSDEEP

12288:RMECXILnhqp5DSOBNHNEdV2J9XQ6fq70Q6d/crSQUdW1zlXRPccpR7iDlNANH:+Kj0DbNySi6S70Q6CrSTAZ1HiraH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96d64a48bb838da93783a8995e943ac1_JaffaCakes118

Files

96d64a48bb838da93783a8995e943ac1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eaec6d6975f22b2476c1332b852649ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetTickCount
GetVersion
lstrlenA
LoadLibraryA
GetConsoleCP
GetModuleHandleA
AddAtomA
CompareFileTime
HeapReAlloc
GetSystemDefaultLangID
GetProfileIntA
TlsGetValue
GlobalUnlock
HeapCreate
WaitForMultipleObjects
GetStdHandle
CloseHandle
VirtualProtect
TlsFree
WaitForSingleObject

user32

PostMessageA
EnableScrollBar
GetMenuStringA
GetWindowTextA
DestroyMenu
EqualRect
GetKeyboardLayout
DispatchMessageA
ModifyMenuA
PaintDesktop
DialogBoxParamA
SubtractRect
GetDlgItem
ShowWindow
CopyRect
InsertMenuA
UpdateWindow
GetKeyState
SetPropA
TranslateMessage
CreateCursor
MessageBoxA
SetWindowPos
CreateCaret
FindWindowA

msi

MsiCloseHandle
MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ