c7854606ad1ab61faf9dc2119aa755f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7854606ad1ab61faf9dc2119aa755f5_JaffaCakes118
Size

244KB
MD5

c7854606ad1ab61faf9dc2119aa755f5
SHA1

cfae9215df6fcd17972a0e81c70df1db3a395cc3
SHA256

0b883eb1e2ce2025d54274a166ca542b8f1f0e59ba3a328b48a233ad120d8a2b
SHA512

4694bb8533819d47e33982fab929b22b04c1ce3e6dd3fec801090b39d052f695b3fc60513e2fd4129c455c6897e6adbf7204c8696131580e28b459c122aabe97
SSDEEP

6144:G24spes4G1+JW4o1ISKEEoR9tUAxqcLjsj5sWUzrbwnVe:5R1+jSpEoRzUA4Usj5sWUznwnI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7854606ad1ab61faf9dc2119aa755f5_JaffaCakes118

Files

c7854606ad1ab61faf9dc2119aa755f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6649897e02244043f03cb41bc06ebe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetModuleHandleA
LoadLibraryA
GetConsoleCP
CloseHandle
GetVersion
HeapReAlloc
lstrlenA
TlsGetValue
GetAtomNameA
HeapWalk
VirtualProtect
FindAtomA
CompareFileTime
GlobalUnlock
GetProfileIntA
GetTickCount
GetACP
InterlockedExchange
TlsFree
GetStdHandle

user32

CreateCaret
GetMenu
PostQuitMessage
ModifyMenuA
ShowWindow
GetWindowTextA
SubtractRect
GetDlgItem
GetScrollRange
LoadIconA
PostMessageA
GetSubMenu
EnableScrollBar
DialogBoxParamA
EqualRect
MessageBoxA
TranslateMessage
PaintDesktop
UpdateWindow
SetWindowPos
InsertMenuA
GetMenuStringA
DispatchMessageA
InflateRect
DestroyMenu
GetKeyboardLayout
CopyRect
SetPropA

msi

MsiEnumProductsA
MsiGetMode
MsiEnumClientsA
MsiCloseHandle
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ