ea2f98dad3575e2df674339d0179c5f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea2f98dad3575e2df674339d0179c5f4_JaffaCakes118
Size

157KB
MD5

ea2f98dad3575e2df674339d0179c5f4
SHA1

df75e0b92f9509ec2ba64f360b76f5ab2f3c9eee
SHA256

4b8be8dda6d50dfe66d0a0f2d54a523723991800c1953f7cfd34519a420cec25
SHA512

dfc0b89ee231a348e4daff9088e58ed7dfdf7ff614fafb07dff52e1752772c614f9b461758f9809521332149d25443e5fec5793a6850145421c7a89bae71c5cb
SSDEEP

3072:IocX1al6+dZ3mLrIdUdcrXvBRZFaPu/165l8A7RYO6cDBCO53WSbmPD/5:I/1al1vmLrOXVF698A7R/6cDYK3WSbcT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea2f98dad3575e2df674339d0179c5f4_JaffaCakes118

Files

ea2f98dad3575e2df674339d0179c5f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98843ad68c271742e27c5259c82f876a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

kernel32

FindFirstVolumeA
TlsFree
GetPriorityClass
ProcessIdToSessionId
EnumResourceTypesA
InitializeCriticalSection
TlsAlloc
GetStartupInfoA
TlsGetValue
GetFileType

user32

GetUpdateRgn
CreateWindowExW
RegisterClassExW
LoadCursorW
GetDC
GetWindowInfo
MessageBoxW
EndDialog

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ