ace16fd83b207a2f28d8df5ccf9d630d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ace16fd83b207a2f28d8df5ccf9d630d_JaffaCakes118
Size

717KB
MD5

ace16fd83b207a2f28d8df5ccf9d630d
SHA1

6c2220a7240da9a93a5eefff8526120d2b13adf1
SHA256

32a22581c06986624e18cb51ec5793a869df767817c55d6d4640189f086b3ad1
SHA512

46b4499c5d098a312b7dacb79c659b8f501a51e951c8019d90cc92f5cb4d9b961082a8b1a04464a36445706d74ca13f3820e44d50656cf6ed12c367c7feb4137
SSDEEP

12288:gXICdNLcDtf+8gyUh4schbecWNflC56yjT61HD7KzC0EVzduglFj6C:Ind6DjTaLchbeckflRyjTsEazdugh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ace16fd83b207a2f28d8df5ccf9d630d_JaffaCakes118

Files

ace16fd83b207a2f28d8df5ccf9d630d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1c7104fea86af559934355034c865cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CompareFileTime
FindAtomA
lstrlenA
GlobalUnlock
HeapReAlloc
GetConsoleCP
VirtualProtect
HeapWalk
GetProfileIntA
GetACP
InterlockedExchange
WaitForSingleObject
GetTickCount
SetEvent
LoadLibraryExA
CloseHandle
TlsFree
GetAtomNameA
GetModuleHandleA
GetVersion

user32

GetMenu
GetKeyboardLayout
GetWindowTextA
DialogBoxParamA
GetDlgItem
CreateCaret
MessageBoxA
DestroyMenu
GetMenuStringA
GetScrollRange
GetSubMenu
PostMessageA
PaintDesktop
SetPropA
SetWindowPos
PostQuitMessage
UpdateWindow
TranslateMessage
LoadIconA
ShowWindow
InsertMenuA
SubtractRect
CopyRect
EnableScrollBar
EqualRect
GetWindowLongA
InflateRect
DispatchMessageA
ModifyMenuA

msi

MsiDoActionA
MsiEnumClientsA
MsiGetMode
MsiCloseHandle
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ