ce21e9eec02ebb4cd1a15c24287df224_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce21e9eec02ebb4cd1a15c24287df224_JaffaCakes118
Size

156KB
MD5

ce21e9eec02ebb4cd1a15c24287df224
SHA1

e3f661274f30db2e4dad42c30e4b594ce21f0f9a
SHA256

8651350b3ada492f83057df86338298d855f99e68e0ffe70ef623f600caece6d
SHA512

3d6f4d7144b910072b4d1e37bd0fbd35b0933d264d44079109edaede4cdd2c7fbde939ba19a5e5b247e5152470b1e1de6f256556fc316f6063a1cd492d8b213b
SSDEEP

3072:apezjQzOinImRUNO65xsSsC/W6bI7t2Vmx7CuNnKtywsqiYIL/wDCnETCc:iezkzOkImGNd5xsSsCeMot2VyeAnDwru

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce21e9eec02ebb4cd1a15c24287df224_JaffaCakes118

Files

ce21e9eec02ebb4cd1a15c24287df224_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b2c08d038b15bb4e835b412fcd1d6f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindClose
SetErrorMode
GetVDMCurrentDirectories
FindNextFileW
FindResourceW
GetLocalTime
FindFirstFileW
SetThreadPriorityBoost
HeapCreate
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
EnumResourceNamesW
LoadResource
SystemTimeToFileTime
LocalFileTimeToFileTime
SetCurrentDirectoryW
RegisterWaitForSingleObject
CompareStringA
GetStringTypeW
GetShortPathNameW
SetEnvironmentVariableW
SearchPathW

user32

GetWindowInfo
ReleaseCapture
ValidateRect
SetCapture
ValidateRgn
ExcludeUpdateRgn
InvalidateRgn
GetCapture
GetUpdateRgn

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ