e036c77caf37a299b59391c0f28ab589_JaffaCakes118 | Triage

Sharing

General

Target

e036c77caf37a299b59391c0f28ab589_JaffaCakes118
Size

813KB
MD5

e036c77caf37a299b59391c0f28ab589
SHA1

1ef2f99035fea6c0f271f516b3a415d2d042fd0e
SHA256

0fec4b706fa5f99290a0f9c2a1b7f0aebc379be13c26edd77c05075ca090d103
SHA512

c72332d29b30d9af077b2ea29633fff1251a8b4df7679a839bdf00cca63709a7238ab0288fd14d737703aff9278027d0a68b91cf8dc28a8f8e056e246e53de0d
SSDEEP

24576:IzI/6BAhRT5gYamQevvQrUvMlLthGkUyynuc4kNR:IzIdtBzPvJUNt7UySucT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e036c77caf37a299b59391c0f28ab589_JaffaCakes118

Files

e036c77caf37a299b59391c0f28ab589_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4a8aed0c70351e5755952e91014a9e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LocalLock
TlsGetValue
CreateFileMappingA
HeapCreate
LocalFree
LoadLibraryExA
IsBadReadPtr
WaitForSingleObject
GetLastError
CreateFileA
FreeEnvironmentStringsA
GetACP
GetConsoleCP
GetStdHandle
IsDebuggerPresent
LocalUnlock
CreateEventA
CloseHandle
FindClose

user32

IsWindow
GetIconInfo
GetDC
PostMessageA
SetFocus
EndMenu
CreateDialogParamA
EmptyClipboard
GetDlgItem
DefWindowProcA
ScrollWindow
GetMessageA
DispatchMessageA
DrawIconEx

msasn1

ASN1BERDecBool
ASN1BERDecEoid
ASN1BEREncFlush
ASN1BEREncLength
ASN1BERDecCheck

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ