e065d049a6a8d530d7ef0cf73255c9b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e065d049a6a8d530d7ef0cf73255c9b8_JaffaCakes118
Size

131KB
MD5

e065d049a6a8d530d7ef0cf73255c9b8
SHA1

5097499f2b5f16dcc401572a0a7343411c435418
SHA256

a0356f65204be290f1e740d2e28cd47d68f52d65ec1e7e0214ae4f3c745e2880
SHA512

effa963be8dfe38d255360c3392ef0b9096853652157a38d5538192c68ab0a35c57e9ef6dfa26f4373e133b95ffeac28b515c41b2f8b62ea5530e223279ee1e3
SSDEEP

1536:xXjT62zpkVy+jV52hm1wqAuU4aSgUaK2Gbwm50SM4bLd3jNEDUbCsoz21B0io/fz:xTT62B+j2h+NaqxJwJfmLRGDUbCBpNRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e065d049a6a8d530d7ef0cf73255c9b8_JaffaCakes118

Files

e065d049a6a8d530d7ef0cf73255c9b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20fa61fba97cb77f43de2d44fa42d2e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
ExitProcess
GetCommandLineA
GetExitCodeProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalHandle
IsDebuggerPresent
LoadLibraryA
LoadLibraryW
TlsGetValue
VirtualAlloc
VirtualFree

user32

CreateWindowExA
DispatchMessageA
GetClassInfoA
GetDlgItem
GetParent
LoadCursorA
MapWindowPoints
ScreenToClient
SendMessageA
SetWindowTextA
ShowWindow
UnregisterClassA

gdi32

CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
DeleteDC
ExtTextOutA
MoveToEx
SelectObject
SetROP2
SetViewportExtEx
SetViewportOrgEx
StretchBlt
UnrealizeObject

shell32

DragQueryFileW
ExtractIconA
ExtractIconExW
SHAddToRecentDocs
SHCreateDirectoryExA
SHCreateDirectoryExW
SHGetFileInfoA
SHGetSpecialFolderPathW
ShellExecuteW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ