e02c8333a078dc6023507cea5391797f_JaffaCakes118 | Triage

Sharing

General

Target

e02c8333a078dc6023507cea5391797f_JaffaCakes118
Size

32KB
MD5

e02c8333a078dc6023507cea5391797f
SHA1

dfba4fd92f236dca0c5d14f80b298469e44c429c
SHA256

986503f9fa6e1ae6f785c4c7917685fcd18b37d0ca76bd8992bef663eb10827a
SHA512

61ada07ff35c6abfcfdc9efec548fad17359734f59708e49a7ffc3619f3b8afaf68b9be11679ddbb0fff57efce223c28f668d053c61795ab6e5fdee5f6f7e49c
SSDEEP

768:YZ2yHBBBtFfvNNylOasu3/KgwEM9eO+En2:ZABBBtFfvNAYu3/KgwEKvn2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e02c8333a078dc6023507cea5391797f_JaffaCakes118

Files

e02c8333a078dc6023507cea5391797f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a9a140a6e5a918324bdf0e5283d16d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
TlsFree
FreeEnvironmentStringsA
TlsGetValue
GetEnvironmentStrings
LeaveCriticalSection
IsValidCodePage
TlsSetValue
InitializeCriticalSection
GetWindowsDirectoryA
TlsAlloc
IsDBCSLeadByte
EnterCriticalSection
DeleteCriticalSection
GetACP
CreateDirectoryA
GetUserDefaultLCID
ExitProcess
LocalFree
FormatMessageA
GetModuleHandleA
ReadFile
CreateFileA
VirtualAlloc

user32

IsWindowVisible
IsWindowEnabled
UnregisterClassA
PostMessageA
ShowWindow
SetWindowTextA
GetActiveWindow
CreateWindowExA
PostQuitMessage
PeekMessageA
SetFocus
EndDialog
DispatchMessageA
SendMessageA
IsWindow
GetDesktopWindow
MessageBoxA
wsprintfA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ