b8ef9e6b18fcb99b090d2cd5761d7d1c_JaffaCakes118 | Triage

Sharing

General

Target

b8ef9e6b18fcb99b090d2cd5761d7d1c_JaffaCakes118
Size

815KB
MD5

b8ef9e6b18fcb99b090d2cd5761d7d1c
SHA1

a18c2a148132d8c76216cbabd330d7fdef47846d
SHA256

50b100855f9dbdf855c3324e92aa5595ccb1437c183b23ddf4c0d9c873756ad1
SHA512

dc3dd9ae0ff34d807fcf82b4a28f7d7053564dd095815fff24365348f11a471083dc6b7bfc8fafeb05aad29085affaa8ba907efa16bb909bb5cbd4d5071ce1f4
SSDEEP

12288:EZFUHF+uFbAARLjT/D9HodShlxxKr/bdaCZU+x95JWiQbPgZpx7gE1Na78eUpfBD:ExuFBLjT/JIuxKThXZUypoPg1NI71UpF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8ef9e6b18fcb99b090d2cd5761d7d1c_JaffaCakes118

Files

b8ef9e6b18fcb99b090d2cd5761d7d1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0643b44abf77f20df8f0ff5ee2c3ea34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
CreateFileA
SetupComm
lstrlenA
HeapCreate
CreateMutexA
SetLastError
ExitProcess
GetLastError
FreeEnvironmentStringsA
UnmapViewOfFile
GetACP
LoadLibraryExW
FindClose
FindAtomA
TlsGetValue
LocalFree
HeapDestroy
MapViewOfFile
GetModuleHandleA

user32

DrawEdge
DispatchMessageA
DrawMenuBar
CheckRadioButton
DefWindowProcW
GetDC
CallWindowProcA
GetIconInfo
FillRect
CopyRect
IsWindow
GetDlgItem
GetFocus
MessageBoxA

uxtheme

DrawThemeEdge
GetThemeSysInt
GetThemeRect
DrawThemeText
DrawThemeIcon

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ