Static task: static1
Behavioral task: behavioral1
Sample: e34142a83e67f8ca5e85eba6592d5a85_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: e34142a83e67f8ca5e85eba6592d5a85_JaffaCakes118
Size: 106KB
MD5: e34142a83e67f8ca5e85eba6592d5a85
SHA1: dd785bbe276d241dfbba5f1f362c107e7fd83a60
SHA256: 451b94b3ccee06ae21e8affec06ac53c58b2ef9130955c5266a0ef83530e196e
SHA512: 11cdebbd178ba795276ceac2b17f9b3bc7ad0a8238f219044856902220878e3189540eba8698e4de187553a9f35a4f4be2a655ce9094326e8d37c99e53c70cbb
SSDEEP: 1536:gPJidDEXhhhSdhhhhhhhhh5hhhhhhhhhhhhhhhhhThhdig3WhhhhhhhhrhhhWfm5:Ywyg3/DGhUKDY7nL7eOqsLDngkcf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e34142a83e67f8ca5e85eba6592d5a85_JaffaCakes118
Files
e34142a83e67f8ca5e85eba6592d5a85_JaffaCakes118.exe windows:5 windows x86 arch:x86
25c3ac8d3567741d6d6c817bc0e41199
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_SYSTEM
Imports
  kernel32
    FlushConsoleInputBuffer
    GetLastError
    AreFileApisANSI
    SetFileApisToANSI
    SetFileApisToOEM
    FlsFree
    GetNumberOfConsoleInputEvents
    ConvertFiberToThread
    SetCriticalSectionSpinCount
    GetCurrentThread
    LocaleNameToLCID
    FindClose
    LocalSize
  user32
    GetInputState
    GetMenuItemInfoA
    MessageBoxA
    EnumDisplaySettingsW
  ole32
    CoRevokeInitializeSpy
  setupapi
    SetupFreeSourceListW
  urlmon
    CoInternetIsFeatureZoneElevationEnabled
  msi
    ord30
Sections
  .rdata Size: 8KB - Virtual size: 8KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 2KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 2KB - Virtual size: 5KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .CODE Size: 91KB - Virtual size: 91KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .CRT Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_READ