Static task
static1
Behavioral task
behavioral1
Sample
ea17c3345a94c66b14817584c5826fb8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea17c3345a94c66b14817584c5826fb8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ea17c3345a94c66b14817584c5826fb8_JaffaCakes118
Size
12KB
MD5
ea17c3345a94c66b14817584c5826fb8
SHA1
02b727516932ed3768d4a41e9214512fa4244528
SHA256
b28cfcd35b473964ac136983fdb6133f6a0ce2427e0066cf8095f52bdf25d9bb
SHA512
e511d70662afbf88b3bd700272a7b178671c6feeee8421a042b0e3f57a1c29b27e7995ba0ac2883c607ddd63e03359f26eca8263b5401d86da81422f9255bbcc
SSDEEP
192:wls07Yo4X7bWacNlUOf44Ev2Y7ajLzyE/kLbnh+JUaCoVbN9pRQonG50cMh:Q9Z97RVY8Lzy+k/hmfCoVJTKMh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea17c3345a94c66b14817584c5826fb8_JaffaCakes118
Files
ea17c3345a94c66b14817584c5826fb8_JaffaCakes118.exe windows:5 windows x86 arch:x86
db29f5601f5026e43d28e962382f19f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PeekMessageA
BeginPaint
EndPaint
GetWindowLongA
DeleteMenu
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
TranslateMessage
DispatchMessageA
GetMessageA
gdi32
GetROP2
GetStockObject
ole32
ReadClassStm
CreateBindCtx
CoInitialize
CoGetMalloc
lz32
LZInit
kernel32
GetModuleHandleA
LoadLibraryA
GetSystemInfo
GlobalFree
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetLocalTime
GetSystemTime
HeapAlloc
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
GlobalAlloc
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE