e10e6e61c3f104ed6fb9702aee807029_JaffaCakes118 | Triage

Sharing

General

Target

e10e6e61c3f104ed6fb9702aee807029_JaffaCakes118
Size

148KB
MD5

e10e6e61c3f104ed6fb9702aee807029
SHA1

3bdadb67ec448f780b667eab595b2eefa8071551
SHA256

74a243b7f7630bcf78cd1ae8474dbb4ea61420be7031b74e8aee18417ed45c00
SHA512

6bb67a357f1faae4b52109fd361efe041fc19938858b56137a4058f5298c5b3932b0f60e78c44a98c6b77c23fd6e36578f07e73f09b002bc2ad19734d448e14b
SSDEEP

3072:GzhUwyDWYa2uu1+P8D5QC4B3zgA97BH666oOMT:wUXDIIU8D5Q13zgA97B7U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e10e6e61c3f104ed6fb9702aee807029_JaffaCakes118

Files

e10e6e61c3f104ed6fb9702aee807029_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa01b9b93fa857bb1a682550514e1b8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetVersion
RemoveDirectoryA
GetLastError
VirtualAlloc
SetCurrentDirectoryA
GetCommandLineW
GlobalFindAtomA
VirtualFree
GetOEMCP
lstrcmpiA
GetModuleHandleA
GetCurrentThreadId
DeleteFileW

user32

ShowWindow
DispatchMessageA
GetDesktopWindow
TranslateMessage
GetSystemMetrics
GetParent

gdi32

CreateCompatibleDC
GetPixel
CreateSolidBrush
RectVisible
Rectangle
CreateFontIndirectA
SetTextColor
PatBlt
SelectObject

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Eptjuqho
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ