e13995a889cef22317f96092bbd75c05_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e13995a889cef22317f96092bbd75c05_JaffaCakes118
Size

244KB
MD5

e13995a889cef22317f96092bbd75c05
SHA1

c6441d9fe20dab934033a61b3e0efefc111727cf
SHA256

61623f71963b9629673fd2817f48d1de12fc9badd03d2edd6baa847030e188cc
SHA512

13fa90d8823f0beb848d64f3cbb7b6dfb877f2fff98e4e3ef5444c405ae9130cd7f98acdc53972044d807eb1b1315339bf10774c42457948b62a52623f8c6dc4
SSDEEP

6144:ynREcME9yfpSWQ8da5SB8yPQBinu+kWJDUi:ynR+E9yfpzQ8dO3yPDu+xRU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13995a889cef22317f96092bbd75c05_JaffaCakes118

Files

e13995a889cef22317f96092bbd75c05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b6345c1af045d1abdfc2aef1d61fa1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
WideCharToMultiByte
lstrcatW
SetVolumeLabelA
GetNumberFormatW
LocalReAlloc
HeapCompact
GetShortPathNameW
GetCurrentDirectoryW
SetMessageWaitingIndicator
OpenMutexA
ResetWriteWatch

user32

IsWindow
SetMessageQueue
CreateIconFromResourceEx
wsprintfW
ReleaseDC
PostThreadMessageA
IsCharLowerW
DdeImpersonateClient
GetClassNameW
IsWindowUnicode
GetCapture
SwitchToThisWindow

gdi32

CreateDIBPatternBrushPt
GetWorldTransform
GetTextExtentExPointA
SetMapperFlags
WidenPath
Polyline

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE