d2a72570ac13132c1710fa4e736a5d37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2a72570ac13132c1710fa4e736a5d37_JaffaCakes118
Size

18KB
MD5

d2a72570ac13132c1710fa4e736a5d37
SHA1

ae0f17a0f530aa8a57069bdba5d4a5e1e426929f
SHA256

46fd321c43b109fc2101c68fb111023513a32d454e93f9014642d09b7204f1df
SHA512

32e42e82b635b0551ee37163916809ebb0aef34524501edcc6a4d14355731ee32e0867933e852fe12b04bc53b3d3e5c2dba32ef9f7f94cd78227f47bf4610dd6
SSDEEP

384:1g6rnC1QJ+StdR2I0n29BP/nWHOuDug9M13yyyyyyyyyyyyyyyyyyyyyyyyyyyy7:monCKJNtdRmnKBP/nwugi13yyyyyyyy8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2a72570ac13132c1710fa4e736a5d37_JaffaCakes118

Files

d2a72570ac13132c1710fa4e736a5d37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a619b95207dc3013878948b93eeeced

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetVersion
CompareFileTime
GetConsoleCP
GetProfileIntA
FindAtomA
HeapReAlloc
TlsFree
VirtualProtect
GetStdHandle
WaitForSingleObject
GetAtomNameA
HeapWalk
GetModuleHandleA
LoadLibraryA
lstrlenA
GetACP
GetTickCount
GlobalUnlock
InterlockedExchange
TlsGetValue

user32

EnableScrollBar
InsertMenuA
InflateRect
GetDlgItem
PostMessageA
PaintDesktop
ShowWindow
GetWindowTextA
GetMenu
GetScrollRange
LoadIconA
SetWindowPos
CopyRect
ModifyMenuA
UpdateWindow
EqualRect
GetSubMenu
GetKeyboardLayout
DestroyMenu
CreateCaret
GetMenuStringA
TranslateMessage
SubtractRect
DialogBoxParamA
SetPropA
DispatchMessageA
MessageBoxA
PostQuitMessage

msi

MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ