b311f10e43a692c90bd5855544107561_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b311f10e43a692c90bd5855544107561_JaffaCakes118
Size

637KB
MD5

b311f10e43a692c90bd5855544107561
SHA1

c1531055626f01d15b162e8d91d64a2e93c39623
SHA256

21fc14fe1a204a9b9ad4f8e6cb5ca5042715be84ec7032c55b69e9299ca9e728
SHA512

86558a7ba1b4a442dc964adc50981d1d52b9fd247d4fe02e04e43d1ca12b531c4cb24e39d7a1be81dd43570577102a68836d22b5461afc4d291a7e2a503b0f6a
SSDEEP

12288:R3zQzq+h0/LfW6vNTt+DDw0k3s+qEiDhX1k+UmDIenj0DU9HjKnL+nQDaM:ZzQbS/LOLDDfk3/Ck+UmD9YDAHjKnLt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b311f10e43a692c90bd5855544107561_JaffaCakes118

Files

b311f10e43a692c90bd5855544107561_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8278b3cab50f0b720e5a3221e0efdaf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetStdHandle
WaitForSingleObject
TlsGetValue
HeapWalk
GetModuleHandleA
lstrlenA
GetACP
GetAtomNameA
VirtualProtect
FindAtomA
CompareFileTime
TlsFree
CloseHandle
GetConsoleCP
GetVersion
GetTickCount
GetProfileIntA
InterlockedExchange
GlobalUnlock
LoadLibraryExA

user32

SetPropA
EqualRect
GetMenu
MessageBoxA
GetDlgItem
InsertMenuA
CopyRect
GetKeyboardLayout
DialogBoxParamA
SubtractRect
InflateRect
CreateCaret
ModifyMenuA
TranslateMessage
PaintDesktop
PostMessageA
SetWindowPos
ShowWindow
GetMenuStringA
DispatchMessageA
LoadIconA
EnableScrollBar
PostQuitMessage
GetSubMenu
DestroyMenu
GetWindowLongA
GetWindowTextA
UpdateWindow
GetScrollRange

msi

MsiDoActionA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ