a333add8820779585760687e96e65314_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a333add8820779585760687e96e65314_JaffaCakes118
Size

293KB
MD5

a333add8820779585760687e96e65314
SHA1

b54f7ba1613fcc3617d43facb150ca12d0306bdc
SHA256

1a516a5ab4759105756694312877cf7913bfcd47b4669f1050c2e6ff0e2e1243
SHA512

b1bcf4a732b7b1a42abd34def4cc05a2ce0d37e26c8aa53771fa62b987a5953bc1d52aaf285e5477ef7b8c27d0aa9826539758b0b0b23475ae9dd1bc1bded5c8
SSDEEP

6144:eannlZZSk5qHXchRnlJB8xEKKngCE0LUZXlAaAum:RnnlIH8pf0AngCE0LEXlLAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a333add8820779585760687e96e65314_JaffaCakes118

Files

a333add8820779585760687e96e65314_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56a2c65ef7212da8aa36ab4c9150b77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
LoadLibraryA
InterlockedExchange
GetStdHandle
CloseHandle
GetModuleHandleA
GlobalUnlock
lstrlenA
GetVersion
FindAtomA
GetACP
TlsFree
GetConsoleCP
CompareFileTime
GetTickCount
GetProfileIntA
WaitForSingleObject
HeapReAlloc
VirtualProtect
TlsGetValue
HeapWalk

user32

InflateRect
TranslateMessage
CopyRect
GetWindowTextA
GetKeyboardLayout
GetMenu
LoadIconA
ModifyMenuA
EnableScrollBar
SetWindowPos
GetDlgItem
PostMessageA
MessageBoxA
DialogBoxParamA
InsertMenuA
GetScrollRange
PaintDesktop
SetPropA
SubtractRect
DestroyMenu
CreateCaret
ShowWindow
EqualRect
DispatchMessageA
UpdateWindow
GetMenuStringA
PostQuitMessage

msi

MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ