ea0b5465120c68de8e60017f56012ee7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea0b5465120c68de8e60017f56012ee7_JaffaCakes118
Size

10KB
MD5

ea0b5465120c68de8e60017f56012ee7
SHA1

dfaba6a27c4e6e3b7bb455ab76d7062259fb66ad
SHA256

d0bcbc9cc9d34d4230d101f8cc18295648f320e7cea81620e69a0ed7ba5c1278
SHA512

eb18d8deaa118f6986dacee33f6f9caaebc59d8d9938ea16aba2d1e7d41fe5e5c91347e35e70f6a7e1e8de2423bf1d444d95bf6d2714908d5f94d7b1b96fff6f
SSDEEP

192:1D2UCBPBQoNmro3mNl+mYPmCuOsAgJEtmS7rGE7/kvGuuX4RWU:1Dd0TmrymNl+mYPmCpsdEBrZuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea0b5465120c68de8e60017f56012ee7_JaffaCakes118

Files

ea0b5465120c68de8e60017f56012ee7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6559a7edc8326906e621aea2c3d0a856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
CharUpperBuffA
RegisterClassA
DefDlgProcA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadIconA
EnableWindow
SetWindowTextA
DefWindowProcA
PostQuitMessage

kernel32

GetStartupInfoA
GetCommandLineA
HeapAlloc
GetModuleHandleA
ExitProcess
CreateThread
lstrcmpiA
EnterCriticalSection
ResetEvent
LeaveCriticalSection
WaitForMultipleObjects
GetTickCount
Sleep
GetProcessHeap
InitializeCriticalSection
CreateEventA
lstrlenA
GetModuleFileNameA
lstrcmpA
lstrcpyA
SetEvent

rasapi32

RasSetEntryPropertiesA
RasEnumEntriesA
RasGetEntryPropertiesA
RasDialA
RasEnumDevicesA
RasHangUpA
RasEnumConnectionsA
RasGetConnectStatusA
RasGetErrorStringA

comctl32

ord17

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE