ce2e5a26b1475ba1d6303bf7bb91857b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce2e5a26b1475ba1d6303bf7bb91857b_JaffaCakes118
Size

380KB
MD5

ce2e5a26b1475ba1d6303bf7bb91857b
SHA1

b08cd90b8cbb83bea51012d5431fe9e3139c2684
SHA256

3695149c376455ff69e0affa4cb72b0e181c8ffd3f5f47eb50baa08ea1c0f2a6
SHA512

19f11a9e8d8725e6dcc258284118838bd2828291d53875264335e0c3d2416d68193894e1d1adf7987ed642f955b08753599a53eaded9673804d647fa0df5b685
SSDEEP

6144:73B1yBHKsfiI8EHf5DpIo0dv9LfWvyvNR9cc7CmgqonZms3NeGuM+Y+LSfhQLimY:73zQzq+h0/LfW6vNTt+DDw0k3s+qEiD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce2e5a26b1475ba1d6303bf7bb91857b_JaffaCakes118

Files

ce2e5a26b1475ba1d6303bf7bb91857b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80d927c96154c94e60a9cc3d5c7b8e28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetStdHandle
TlsFree
LoadLibraryExA
CloseHandle
GlobalUnlock
WaitForSingleObject
GetAtomNameA
lstrlenA
GetACP
HeapReAlloc
HeapWalk
GetVersion
GetTickCount
FindAtomA
TlsGetValue
VirtualProtect
GetModuleHandleA
InterlockedExchange
GetProfileIntA
GetConsoleCP

user32

SubtractRect
EnableScrollBar
InflateRect
DialogBoxParamA
TranslateMessage
PostMessageA
GetMenu
LoadIconA
ShowWindow
DispatchMessageA
CopyRect
GetWindowLongA
DestroyMenu
GetDlgItem
EqualRect
GetScrollRange
PostQuitMessage
InsertMenuA
CreateCaret
GetWindowTextA
PaintDesktop
GetKeyboardLayout
UpdateWindow
SetWindowPos
SetPropA
GetSubMenu
GetMenuStringA
ModifyMenuA
MessageBoxA

msi

MsiEnumClientsA
MsiGetMode
MsiEnumProductsA
MsiDoActionA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ