de416d0be346d14648e91d97c6ddf1cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de416d0be346d14648e91d97c6ddf1cd_JaffaCakes118
Size

716KB
MD5

de416d0be346d14648e91d97c6ddf1cd
SHA1

33410e17c2d58ecdb5ea85805c8595aa566ed1cc
SHA256

d650848d20092ef2c4339b43f6355592c9f2f884f55c49eda6b3ce5dc3a0f432
SHA512

a5e25387594d1a1da7ff13d4c675976aef4cebd4f603be19810625647662ec7770095eb94f3c71aff09116f4dbcfb474710fbba2f3d7d586c95710a6e13f35fb
SSDEEP

12288:hTneIYcKGmnrlryFXif9Igb4J7rirzHQn1y5xOaoHx/IsoBdAyHdLjFSp+V:hTnepfhRryFS6IcKwc5xFo1IsoB/jcp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de416d0be346d14648e91d97c6ddf1cd_JaffaCakes118

Files

de416d0be346d14648e91d97c6ddf1cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a03294d702c396ad0e012b7c7c7f7488

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
TlsFree
CompareFileTime
LoadLibraryW
CloseHandle
ResetEvent
GetConsoleCP
GlobalUnlock
GetVersion
GetModuleHandleA
VirtualProtect
lstrlenA
GetTickCount
SetEvent
FindAtomA
HeapReAlloc
HeapWalk
GetACP
InterlockedExchange
WaitForSingleObject
GetAtomNameA

user32

ScrollDC
LoadIconA
CopyRect
GetParent
DispatchMessageA
SetWindowPos
GetDlgItem
GetWindowLongA
MessageBoxA
GetMenuStringA
GetKeyboardLayout
DialogBoxParamA
PostMessageA
InsertMenuA
DestroyMenu
SetSysColors
ModifyMenuA
TranslateMessage
GetMenu
ShowWindow
PostQuitMessage
GetSubMenu
SetPropA
InflateRect
GetWindowTextA
EnableScrollBar
GetScrollRange
EqualRect
UpdateWindow

msi

MsiGetMode
MsiDoActionA
MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ