ea1fc172d4b2d8c60b19ca3e8a9030d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea1fc172d4b2d8c60b19ca3e8a9030d8_JaffaCakes118
Size

14KB
MD5

ea1fc172d4b2d8c60b19ca3e8a9030d8
SHA1

b7fd031edf27b919062d5add64de580390aad8f3
SHA256

ce71a2e4c26345da5a2f1bfa1e36c95df4565ee3b058e1cdeeaefe8cdd38182b
SHA512

23bd3a70705270fc34044d84f50506f74cd66c99ca0fecee92f5f1f4904ada2fd7efecd5070c03ae56de22b46efebf194d1ed414caafa8278695f822244bef1a
SSDEEP

192:8KjEb8aO3tA99IAOqLs9ypT0Lsvr0IwUPkn3V2MXSqI:8KAbdO9QxXLsI2arPwBFjXS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea1fc172d4b2d8c60b19ca3e8a9030d8_JaffaCakes118

Files

ea1fc172d4b2d8c60b19ca3e8a9030d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ce95b9f8ec147153cbb8cf4f617c917

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSubMenu
InvalidateRect
DestroyIcon
SubtractRect

kernel32

GetLastError
GetProfileStringW
GetMailslotInfo
VirtualQuery
ResetWriteWatch
SystemTimeToFileTime
VirtualProtect

gdi32

GetFontData
GetStretchBltMode
CreatePolygonRgn
StartDocW
GetClipRgn

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextW
GetOpenFileNameW
WantArrows

Sections

.text
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE