e1b618e96c6fe5a916c5effa73a8261f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1b618e96c6fe5a916c5effa73a8261f_JaffaCakes118
Size

799KB
MD5

e1b618e96c6fe5a916c5effa73a8261f
SHA1

2c17037571329547d1c5d2f029f21c3888c55f20
SHA256

587afaa6664629e20f3be40c56f79f83cf8f1c31c41691809c38ef68bb956abd
SHA512

524b751940e9a2bb643b31f104c87f7c57f525a600e8c7dce7ea6758184fc08cb2879dcf0702b02876e317f1bd356c8964907059f5fbe7928dd849b5057a8cb0
SSDEEP

24576:vbdABqTzNBBJa3yuW/zp1rDUr4XL0Kik6tCTob:zdYyBDaiuW/zp1rDUr4XL0Kik6tCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1b618e96c6fe5a916c5effa73a8261f_JaffaCakes118

Files

e1b618e96c6fe5a916c5effa73a8261f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5531ad03218fbed2cebbcf53694a45d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadReadPtr
GetCommandLineA
GetDriveTypeA
WriteFile
GetProcessHeap
DeleteFileA
ResumeThread
SetLocalTime
GetStdHandle
GlobalSize
GetFileAttributesA
CreateDirectoryA
HeapSize
GetPriorityClass
CreatePipe
ResumeThread
GetModuleHandleA
VirtualProtect
SuspendThread
GetLocaleInfoA
ReadConsoleW

user32

GetWindowLongA
SetRect
wsprintfA
LoadCursorA
SetFocus
DestroyMenu
DrawIcon
GetWindowTextW
SetCursor
PeekMessageA
DispatchMessageA
GetWindowLongA
GetMessageA

els

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllGetClassObject

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE