df1febc3890e09e4c891cbefc96d0495_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df1febc3890e09e4c891cbefc96d0495_JaffaCakes118
Size

270KB
MD5

df1febc3890e09e4c891cbefc96d0495
SHA1

99e13157a5d6d51a20c6a69dd81c941eb4a3826f
SHA256

c9d848cf2e3209e6442e0aab20fd7140e566c255cd2b2df2064aa82b1be5e51d
SHA512

4fc96d4725897c5f630d0a9e1ec5f29083bb1f8254b85c609352240174326756b335904c9c944259bec5394b1e8d6220c9a6c45f7ad226acdf3c92520fb84745
SSDEEP

6144:dVww5o/S/qGdE6ZmYzJVfTYonSm1/wl2Fmk:/w4/qQLmuJVUGSm1/M2wk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df1febc3890e09e4c891cbefc96d0495_JaffaCakes118

Files

df1febc3890e09e4c891cbefc96d0495_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2aad913eca26c2f5b1ad7b883d49532

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetConsoleCP
GlobalUnlock
GetModuleHandleA
GetStdHandle
GetAtomNameA
CompareFileTime
TlsGetValue
GetACP
GetVersion
GetProfileIntA
InterlockedExchange
GetTickCount
LoadLibraryA
HeapWalk
FindAtomA
HeapReAlloc
TlsFree
lstrlenA
CloseHandle
WaitForSingleObject

user32

CopyRect
SetWindowPos
GetMenu
InsertMenuA
MessageBoxA
GetKeyboardLayout
GetWindowTextA
DialogBoxParamA
SetPropA
CreateCaret
GetDlgItem
PostMessageA
DestroyMenu
LoadIconA
EqualRect
TranslateMessage
InflateRect
ModifyMenuA
UpdateWindow
EnableScrollBar
GetMenuStringA
ShowWindow
SubtractRect
DispatchMessageA
PaintDesktop

msi

MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiEnumProductsA
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ