ea59ddd0f0b7d7bd9d9af977a8d6c118_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea59ddd0f0b7d7bd9d9af977a8d6c118_JaffaCakes118
Size

775KB
MD5

ea59ddd0f0b7d7bd9d9af977a8d6c118
SHA1

a828f2db042b99ed88ad4edad9bda8d4e6105437
SHA256

a08d3f68dcc16bcaba59f9d3faecd9ed5dfc541e16d03a3cd664dabfe0773a4a
SHA512

cab140b8d4b205c962534392ab0aa45f5f2a1fdf01888227b572adbd480604ede86032a62a7fe9d2a45e511163e93d1903bd072a76d439f94143b1e774883725
SSDEEP

24576:0TUJJlfY+Nd9g04MeNMUiY/NifvXJOrHuzKsk0GoXaUos:0TUjSy4MeN+MiHX8Ozkto1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea59ddd0f0b7d7bd9d9af977a8d6c118_JaffaCakes118

Files

ea59ddd0f0b7d7bd9d9af977a8d6c118_JaffaCakes118
.exe windows:4 windows x86 arch:x86

504db76422e01de365d47d608f2cd170

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
lstrlenW
GlobalUnlock
GetPriorityClass
LoadLibraryExW
TlsGetValue
GetCurrentThreadId
DeleteAtom
VirtualQuery
GlobalFree
GetModuleHandleA
SetLastError
GetStdHandle
FindResourceA
HeapCreate
CloseHandle
SetEnvironmentVariableA
CreateFileA
CreateMutexA
GetExitCodeProcess

user32

CreateWindowExA
GetDC
CreateMenu
DrawEdge
IsWindow
CallWindowProcA
SetFocus
DrawMenuBar
DispatchMessageA
FillRect
GetDlgItem
GetIconInfo
CheckRadioButton

ntshrui

IsPathSharedA
IsPathSharedW
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 765KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE