c188bb67261cafc5a92bc8da46fa64aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c188bb67261cafc5a92bc8da46fa64aa_JaffaCakes118
Size

637KB
MD5

c188bb67261cafc5a92bc8da46fa64aa
SHA1

b2b4a97fbe761b83e0457b83cada65d29967f8e0
SHA256

34b17ac1f7aca4ef0b12a531e7b79ff17d963c5d8030b060f74f225b35022b35
SHA512

11a183fb258be0dfff30813611a136b8ce5097f32d6f361e6777d9dca5cb5d1d7e6f9ed66555a77caf8dd770fec435c9cfacc4a6732979e3b2fbae04b1fa6bbe
SSDEEP

12288:zEWMadSLnNiPUJLHb5h+jqfi8ayQu2NjE8UIZd/AOz7pqN5I0kHUQSA:kXLnEMJjqWq8MNgBIrhc5GZSA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c188bb67261cafc5a92bc8da46fa64aa_JaffaCakes118

Files

c188bb67261cafc5a92bc8da46fa64aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7d9adc9019966f9d25183d89d4b29ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CloseHandle
FindAtomA
lstrlenA
LoadLibraryA
TlsGetValue
HeapReAlloc
GetAtomNameA
VirtualProtect
InterlockedExchange
HeapWalk
GetTickCount
GetProfileIntA
GetModuleHandleA
CompareFileTime
GetConsoleCP
TlsFree
WaitForSingleObject
GetStdHandle
GlobalUnlock
GetVersion

user32

EnableScrollBar
ShowWindow
SubtractRect
InflateRect
DialogBoxParamA
GetWindowTextA
GetKeyboardLayout
PostMessageA
InsertMenuA
MessageBoxA
SetWindowPos
GetDlgItem
LoadIconA
GetMenuStringA
CreateCaret
SetPropA
TranslateMessage
DestroyMenu
PostQuitMessage
GetMenu
ModifyMenuA
GetScrollRange
CopyRect
PaintDesktop
EqualRect
UpdateWindow
DispatchMessageA

msi

MsiEnumClientsA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ