e0b380a50ffdd771865a7fe3764a133f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0b380a50ffdd771865a7fe3764a133f_JaffaCakes118
Size

230KB
MD5

e0b380a50ffdd771865a7fe3764a133f
SHA1

3fd1e9c8ce47230a416576787c2fec572ac8e400
SHA256

0b69c6bf15594e94e3978bd173a12d8ddc7a311b8b28fbfa9dafb86857b0267c
SHA512

14ef447531c117061611dfd8e76944001ef689a535213f90c854fae98b5457efb82464a807fd243941a1d26d16c206bd760ebb7ec338c2e579791328ac34d23d
SSDEEP

6144:4pAjxMWoOtir1p4wDGRFR0QVDWuxTw8GfZJokPJY5:4ShoOtirZDGRFSQdXTmhJokPJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b380a50ffdd771865a7fe3764a133f_JaffaCakes118

Files

e0b380a50ffdd771865a7fe3764a133f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

297eb88b00c9122c8c850d26802733b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
GetCurrentDirectoryW
GetLocalTime
DeleteAtom
DuplicateHandle
GetDefaultCommConfigW
AllocConsole
TlsGetValue
FillConsoleOutputCharacterW

user32

GrayStringW
GetClassInfoA
GetWindowContextHelpId
OemKeyScan
SwitchToThisWindow
GetKeyboardType
LoadBitmapW
ScrollWindow
CreateIcon
UnhookWindowsHookEx
IsDialogMessageA
GetKeyboardLayoutNameA
RegisterShellHookWindow
HiliteMenuItem

gdi32

SetBrushOrgEx
GetDeviceGammaRamp
SetGraphicsMode
PolylineTo

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE