e0b2a0d0c73325916f7bfde4a1dbd1cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0b2a0d0c73325916f7bfde4a1dbd1cf_JaffaCakes118
Size

637KB
MD5

e0b2a0d0c73325916f7bfde4a1dbd1cf
SHA1

85cd361dbb2b1cad443468486dafa80dca6ef8a3
SHA256

15544fe17e0d52bd1ec45110f6909b4c4dc28e801480bab69829f7af99aaf219
SHA512

96160fa51b158df40eda72552b09667083e61afb6a40681fb7c1a42aca12dbf997f13984e0ae85d45798b06a82c9086fc88abdf4b5022771867067a54cbc3773
SSDEEP

12288:XYp+Ju0jthFyxDdeC3yjgtIKDZQx2TcDrksJvWLwqWeb:WQVNyp3sgAx2TXsJvWLnW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b2a0d0c73325916f7bfde4a1dbd1cf_JaffaCakes118

Files

e0b2a0d0c73325916f7bfde4a1dbd1cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ece552a9d7a2ebca4282e3dedc7d6b46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CompareFileTime
VirtualProtect
GetTickCount
InterlockedExchange
CloseHandle
FindAtomA
ResetEvent
HeapReAlloc
GlobalUnlock
HeapWalk
SetEvent
WaitForSingleObject
GetVersion
TlsFree
LoadLibraryExA
GetConsoleCP
GetModuleHandleA
lstrlenA
GetProfileIntA
GetAtomNameA

user32

PaintDesktop
SetWindowPos
CopyRect
GetWindowLongA
LoadIconA
DispatchMessageA
SubtractRect
GetKeyboardLayout
GetSubMenu
SetPropA
GetScrollRange
DialogBoxParamA
GetMenuStringA
GetWindowTextA
PostMessageA
InflateRect
TranslateMessage
MessageBoxA
EqualRect
DestroyMenu
ModifyMenuA
GetDlgItem
ShowWindow
EnableScrollBar
CreateCaret
UpdateWindow
InsertMenuA
PostQuitMessage
GetMenu

msi

MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ