d3aec0cb175c30a3d10d7e2489bbfaff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3aec0cb175c30a3d10d7e2489bbfaff_JaffaCakes118
Size

18KB
MD5

d3aec0cb175c30a3d10d7e2489bbfaff
SHA1

0a547f4b9069e2fe7eeb2e7a3b0a9b0653492b88
SHA256

9724b7f02b73f06bc37b4bc46a7d54b52400492e7a308a58708b52f57bb66a2e
SHA512

2de0ef91578dfdeca4fb35da9879d22df4ada4748c36bc10035ab5f48bdcc92bb31866adae47ecd4b10c54a1bb2afd7dd1e708f573081c19e3d16291715f2394
SSDEEP

384:Bxejf64UORPVDJQCsO+WORcnzSRPMC0/j+:BxQfAOjiCsO+WOirb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3aec0cb175c30a3d10d7e2489bbfaff_JaffaCakes118

Files

d3aec0cb175c30a3d10d7e2489bbfaff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a843056209d0d99f42e8ea1fb45d900b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetTickCount
CompareFileTime
GetConsoleCP
GetVersion
HeapReAlloc
GetModuleHandleA
GetACP
InterlockedExchange
lstrlenA
FindAtomA
GlobalUnlock
CloseHandle
WaitForSingleObject
GetStdHandle
GetProfileIntA
VirtualProtect
TlsFree
GetAtomNameA
LoadLibraryA
HeapWalk

user32

SetPropA
ShowWindow
PostQuitMessage
PostMessageA
SubtractRect
PaintDesktop
InflateRect
LoadIconA
TranslateMessage
DialogBoxParamA
CreateCaret
GetDlgItem
CopyRect
GetMenu
EnableScrollBar
GetMenuStringA
SetWindowPos
GetWindowTextA
GetScrollRange
GetSubMenu
DestroyMenu
GetKeyboardLayout
MessageBoxA
DispatchMessageA
InsertMenuA
ModifyMenuA
EqualRect
UpdateWindow

msi

MsiCloseHandle
MsiGetMode
MsiEnumClientsA
MsiEnumProductsA
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ