e0b77ceb1e0d69ab9a30fc73a224fae6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0b77ceb1e0d69ab9a30fc73a224fae6_JaffaCakes118
Size

814KB
MD5

e0b77ceb1e0d69ab9a30fc73a224fae6
SHA1

0eab232e93a0cf656d91e572f5128f429b59483b
SHA256

c4055a221cd378effb0cfa45ec884bb7807cfcd05fb16914e44c2752f1ac965e
SHA512

9b7c3b7ca80f6bfa7bcf833806773c6d0e0fcbbaf55c8e7109c47e5abf61f8a99c3f87e9a89732a31fa73b4de3864fd8308eed4b23c70d78aba35959b266cbaa
SSDEEP

24576:gceApxekYueQbcSbENp6e/C1C2w2XYZl+Ota7q:g50QueObEjJb00a7q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b77ceb1e0d69ab9a30fc73a224fae6_JaffaCakes118

Files

e0b77ceb1e0d69ab9a30fc73a224fae6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

769e8035e9ca6d8d740764cb35576e5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetConsoleCP
SleepEx
CreateFileA
GetConsoleAliasW
LoadLibraryExW
Sleep
GetLastError
HeapCreate
GetACP
GlobalUnlock
FindAtomA
LocalLock
CloseHandle
FreeEnvironmentStringsA
TlsGetValue
ExitProcess
GetModuleHandleA
LocalFree
FindClose

user32

DispatchMessageA
GetFocus
GetIconInfo
DefWindowProcW
DrawFrame
GetDC
GetDlgItem
DrawEdge
CallWindowProcA
IsWindow
FillRect
CheckRadioButton
CopyRect
MessageBoxA

clbcatq

GetCatalogObject
GetComputerObject
InprocServer32FromString
SetSetupOpen
SetSetupSave

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ