e1f225783140c86ce7bdec8c1e6687d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1f225783140c86ce7bdec8c1e6687d2_JaffaCakes118
Size

130KB
MD5

e1f225783140c86ce7bdec8c1e6687d2
SHA1

58f2228f3a1143fecc1ca2ff6c9cb53201d447ea
SHA256

0de2aab80f60fccd6ad320f84647966a152b296b58db03354d7f1995c0d59ae7
SHA512

41faec4f6f8d6a140acfdb93e6a311e44e622cba93638f05c76ec981169bfc90a0986ec41be771b5ce01bd99f1ee0ff5a765f0d72b7c12194b621a040eca107b
SSDEEP

3072:ke27xmTqnzIIySgMkQfjl2KBiUhgvvQvL4r/odC4Z:axIczzywzfjl3iUhgvSkTF4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f225783140c86ce7bdec8c1e6687d2_JaffaCakes118

Files

e1f225783140c86ce7bdec8c1e6687d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28689f342605035f7fb43e1bb1deadbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetEnvironmentVariableA
ReleaseMutex
DeleteAtom
GlobalUnlock
ExitThread
lstrlen
FindResourceA
CreateFileA
SetLastError
CreateMutexA
GlobalFree
TlsGetValue
IsBadStringPtrW
PulseEvent
CloseHandle
HeapCreate
GetModuleHandleA
FindClose
LoadLibraryA

user32

DispatchMessageA
DefWindowProcW
CopyRect
DrawMenuBar
GetDlgItem
SetFocus
CheckRadioButton
GetDC
IsWindow
FillRect
DrawEdge
GetIconInfo
CallWindowProcA

msasn1

ASN1BERDecNull
ASN1BEREncEoid
ASN1BEREncBool
ASN1BERDecBool
ASN1BERDecCheck

dpnet

DirectPlay8Create

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ