e241347a51b0492a14ade1deac69bc3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e241347a51b0492a14ade1deac69bc3d_JaffaCakes118
Size

370KB
MD5

e241347a51b0492a14ade1deac69bc3d
SHA1

b93cc3319edfe921aedee4564518024d275be098
SHA256

6c1d2b0145daee5797c66e2fde46f85b9693a005f625692bcbad08dc85019b99
SHA512

0231ee16ba1e293a362c85b227d5ce3215f711b93491c069c9d47bf4c62841e8420b6a30a6b1c4217bd6b0084c82c61097ec935082cde093af3275e30cb3c1b6
SSDEEP

6144:SRM8t0HEAT1fxhcMxW2pL7lv6w2K/PkFtR6sFHYnHFWhTyHVEOSQTQiJY7jM56gt:SRMBHEAJLjpFv6w2K/PkFtlVMHFWg1E5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e241347a51b0492a14ade1deac69bc3d_JaffaCakes118

Files

e241347a51b0492a14ade1deac69bc3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d1dc81f7e7166d59cf87f42f6f08551

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
FindAtomA
CreateEventW
ReleaseMutex
LocalFree
lstrlenW
GetDriveTypeA
WriteFile
IsBadStringPtrW
TlsGetValue
InitializeCriticalSection
GetCurrentThreadId
LoadLibraryW
FindClose
GetCurrentProcessId
GetFileTime
GetPrivateProfileStringA
GetEnvironmentVariableW
HeapCreate
GlobalFlags

user32

DispatchMessageA
CallWindowProcW
CreateWindowExA
GetKeyboardType
GetSysColor
EndDialog
GetSysColor
GetClientRect
GetClassInfoA
DrawStateW
SetFocus
IsWindow
DrawTextA

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ