e0ff28ffba6e64ad4117c0f75f14bb44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0ff28ffba6e64ad4117c0f75f14bb44_JaffaCakes118
Size

172KB
MD5

e0ff28ffba6e64ad4117c0f75f14bb44
SHA1

98228cae4ae1f16e43c4c8066e28b10d61fbcb94
SHA256

e3de4bfed45e4fcb6a31bf35788ad868e52f7989d980e7df035378476e0a74c6
SHA512

89feb0639b292add9ef3f0fdc5b50ffc71ac55a23d5abec2ac628e7256a30536b0234097e3d623adfd834b22dd4be9dce8027d7e9873d915c38bea0df799303f
SSDEEP

3072:zEj8uROb1ZLpF/cRAmXKSB6ONNZM69EQkR+j9xFVcwWNNmQI/Pc5UGhgti:hugrBmXllNYQkcZVcRNNinc6GC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0ff28ffba6e64ad4117c0f75f14bb44_JaffaCakes118

Files

e0ff28ffba6e64ad4117c0f75f14bb44_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3a62f8766d7ae0837a96af372af454f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\nqnqieTxthcgf\lbnLvfzkr\nvVkahfd\duuzVbn\vxccmgjJeSnyio.pdb

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
clearerr
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs
memset

shlwapi

UrlGetLocationW
ChrCmpIW

kernel32

FindNextChangeNotification
GetTimeZoneInformation
LocalSize
GetCommProperties
lstrlenA
GetLongPathNameW
LoadLibraryA
lstrcmpiW
LoadLibraryExA
GetModuleFileNameA
SetErrorMode

user32

GetSystemMenu
CharNextExA
GetDialogBaseUnits
LoadImageW
wsprintfW
GetFocus
DeleteMenu
SetCaretPos
GetDC
IsWindowUnicode
ClipCursor
DragObject
GetDlgItemTextA
FindWindowExA
CheckRadioButton
GetDlgItemInt

gdi32

SetWindowExtEx
ExcludeClipRect
GetDeviceCaps
EndDoc
CreateDIBitmap
GetPaletteEntries

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 141KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE