b087a66133f63c3f73e4926f086d1683_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b087a66133f63c3f73e4926f086d1683_JaffaCakes118
Size

717KB
MD5

b087a66133f63c3f73e4926f086d1683
SHA1

a9ef74e9490200c24866294cc2faa8f247f76c09
SHA256

030977a0ce855df64fec870a820dfd124f8c7428bbab2b59cfa78b158604e38c
SHA512

5b6efa4b36208db83f729208ecede29663663a3cca39300845fe71c6c331150e04eafb3ead9d6ad18a3faa3a775b75df9ddf646286dac7ae5a20e93823a28507
SSDEEP

12288:aUDXZce5tzhzqSUk+8Ppr6oQGDI1GC63MPfZOAnPCcKgtynEe0tKkV/:vee5tzA50QxGcGV3MPfZKpgtyTo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b087a66133f63c3f73e4926f086d1683_JaffaCakes118

Files

b087a66133f63c3f73e4926f086d1683_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fea70f04c0c5ba9fa33996cf19850c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
GetTickCount
LoadLibraryExA
HeapReAlloc
CompareFileTime
GetVersion
WaitForSingleObject
VirtualProtect
CloseHandle
SetEvent
GlobalUnlock
InterlockedExchange
lstrlenA
GetACP
FindAtomA
GetAtomNameA
GetModuleHandleA
TlsFree
ResetEvent
GetProfileIntA
GetConsoleCP

user32

ScrollDC
GetWindowTextA
DispatchMessageA
LoadIconA
SetPropA
GetDlgItem
GetScrollRange
EnableScrollBar
GetMenu
InsertMenuA
TranslateMessage
DialogBoxParamA
ModifyMenuA
GetSubMenu
GetMenuStringA
GetWindowLongA
GetParent
CopyRect
PostQuitMessage
SetWindowPos
PostMessageA
UpdateWindow
InflateRect
SetSysColors
MessageBoxA
ShowWindow
EqualRect
DestroyMenu
GetKeyboardLayout

msi

MsiEnumProductsA
MsiGetMode
MsiCloseHandle
MsiDoActionA
MsiEnumClientsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ