e06108182330b8f3431a90dc9f80b3f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e06108182330b8f3431a90dc9f80b3f6_JaffaCakes118
Size

19KB
MD5

e06108182330b8f3431a90dc9f80b3f6
SHA1

57a85d879f1547c11a8579a72915745bf677b93b
SHA256

7e59109e97de16596a8016f99369ca948d3809e1f72f98312394505438332df1
SHA512

73c99d27114275d2d1a9a8d2d0a95b0641d463fdfa1d09f8ab3846fbe71fc128cc866813a18832504d211251aa90355f3c05c02c8451efd3091d47fd66e36604
SSDEEP

384:oxwfMSEhCXrpGuv1dxbzCPHoaizkxI0g6JXuxnmv:UwkSEhq0utDKP5UR0g6J+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06108182330b8f3431a90dc9f80b3f6_JaffaCakes118

Files

e06108182330b8f3431a90dc9f80b3f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5b7017fc4bb8b3c1de042f06b1d77806

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

MultiByteToWideChar
GetCPInfo
lstrcmpW
WideCharToMultiByte
GetUserDefaultLCID
lstrlenA
LCMapStringA
lstrcatA
IsValidCodePage
IsDBCSLeadByte
LocalFree
FormatMessageA
ReadFile
CreateFileA
VirtualAlloc
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcpynA
lstrcmpA
GetACP
GetLastError
SetUnhandledExceptionFilter
ExitProcess
GetModuleHandleA

user32

ReleaseDC
wsprintfA
GetDC
FillRect
ScreenToClient
GetSysColor
MessageBoxA

gdi32

SetTextColor
DeleteDC
SelectObject
SetBkColor
DeleteObject
GetDeviceCaps

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ