Static task
static1
Behavioral task
behavioral1
Sample
e0edd21863a97781d4dbb11b1b1d0e06_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e0edd21863a97781d4dbb11b1b1d0e06_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e0edd21863a97781d4dbb11b1b1d0e06_JaffaCakes118
Size
151KB
MD5
e0edd21863a97781d4dbb11b1b1d0e06
SHA1
6b6cd7246ef685df2b2a1fbefdd694c95dd0203d
SHA256
03766e4830530d6ff09844fde9cd4ecb8c90d8eddf89460ee75690548cf85cf3
SHA512
15ad1bd5dbaa475bf36c4e6b8fca749131cd93b8f412ed82ae94a9a832e46264cf9e8ba6bdc01a1dbc9a1fac8f085e3318208569f176fc61859c76c3cbedb1c9
SSDEEP
3072:ih4hSXK8oamNperRawtmMdjaUYq0SYcfztWNB:iUSXloxMHvdY99cf5W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0edd21863a97781d4dbb11b1b1d0e06_JaffaCakes118
Files
e0edd21863a97781d4dbb11b1b1d0e06_JaffaCakes118.exe windows:5 windows x86 arch:x86
e62685242fa5cdcdd3c708c5ec5ac729
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DispatchMessageA
ShowWindow
GetSystemMetrics
GetDC
CharNextA
kernel32
MulDiv
DeleteFileW
SetLastError
DeleteFileA
GlobalFindAtomW
CopyFileA
GetUserDefaultLangID
GetACP
VirtualAlloc
GetVersion
GetConsoleOutputCP
GetCurrentProcessId
GetThreadLocale
VirtualFree
gdi32
PatBlt
RestoreDC
GetClipBox
RectVisible
GetDeviceCaps
Rectangle
SetMapMode
SetStretchBltMode
GetPixel
glu32
gluTessCallback
comctl32
InitCommonControls
Sections
.text Size: 1024B - Virtual size: 985B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Pkxxcb O Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ