d0e5d39f0b3677888330bf5650423a47_JaffaCakes118 | Triage

Sharing

General

Target

d0e5d39f0b3677888330bf5650423a47_JaffaCakes118
Size

244KB
MD5

d0e5d39f0b3677888330bf5650423a47
SHA1

95c14fb92c94ed5149449db95e1c0d83468eeaf8
SHA256

9be33f02fc23252eca970f8fb78f5138582635c48cd00b15de6d5476899a164d
SHA512

53c27f5c563b92f1de2201ed6d04bab7ac15782fae8d2fd28a63c786ae8e1eb28eb72e7c4cf7a126e1eef8f28f4e2bd594f6b7f58ef2a2048f954ed4b9356d45
SSDEEP

6144:E3B1yBHKsfiI8EHf5DpIo0dv9LfWvyvNR9cc7CmgqonZms3Ne9:E3zQzq+h0/LfW6vNTt+DDw0k9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e5d39f0b3677888330bf5650423a47_JaffaCakes118

Files

d0e5d39f0b3677888330bf5650423a47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32db0e1f5349b228f71c786614c280a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
HeapWalk
GetConsoleCP
LoadLibraryExA
HeapReAlloc
InterlockedExchange
GetVersion
FindAtomA
GetProfileIntA
Sleep
VirtualProtect
CompareFileTime
SetEvent
TlsFree
GetModuleHandleA
GetAtomNameA
CloseHandle
lstrlenA
GetACP
GlobalUnlock
WaitForSingleObject

user32

CreateCaret
UpdateWindow
GetKeyboardLayout
PostQuitMessage
ModifyMenuA
GetWindowTextA
DispatchMessageA
GetDlgItem
DestroyMenu
CopyRect
SetWindowPos
PostMessageA
PaintDesktop
LoadIconA
InsertMenuA
GetMenuStringA
GetMenu
SubtractRect
ShowWindow
SetPropA
MessageBoxA
DialogBoxParamA
EqualRect
EnableScrollBar
GetSubMenu
TranslateMessage
InflateRect
GetWindowLongA
GetScrollRange

msi

MsiDoActionA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ