e197812d36216d4148bc801298230f2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e197812d36216d4148bc801298230f2e_JaffaCakes118
Size

17KB
MD5

e197812d36216d4148bc801298230f2e
SHA1

432179bd7f859d95d9d60e1cca92bba6bbd85f78
SHA256

1d1f7430c78836f2d7443400831b15d9bebac66fc4d3d2335e12d0789d63b8ab
SHA512

c77cd8788240616c840c815d6c648052dd5338a421e291c94ad407abdb985470b9ea0678ef583b7ac4cbe8bc31f87fbc034bb70998bf5caa2746a2c8eda39980
SSDEEP

192:6hJ1x+jssfnZJsTTi/cbO5+o0uDzSF5iMtZUN63XinAiTyeES:7wsfOW+o00N+xHcTyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e197812d36216d4148bc801298230f2e_JaffaCakes118

Files

e197812d36216d4148bc801298230f2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1ae7815b6d75b61471b5132d78f7063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
CloseHandle
HeapCreate
lstrlenA
GetTickCount
VirtualProtect
GetModuleHandleA
GetSystemDefaultLangID
GlobalUnlock
GetAtomNameA
GetStdHandle
WaitForSingleObject
SetConsoleCP
HeapReAlloc
SuspendThread
WaitForMultipleObjects
InterlockedExchange
CompareFileTime
GetCommandLineA
LoadLibraryExA
GetConsoleCP

user32

CreateIcon
DialogBoxParamA
DrawCaption
GetDlgItem
IsDialogMessage
GetKeyboardLayout
GetKeyState
InvertRect
FindWindowA
FillRect
DispatchMessageA
DragObject
SetScrollInfo
InsertMenuA
GetCursorInfo
SetWindowPos
SetPropA
CopyImage
EnableScrollBar
CreateCursor
DestroyMenu
CreateMenu

advapi32

RegQueryInfoKeyA
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegCloseKey

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ