ea7613e624e6330e8ff61e43cb72605e_JaffaCakes118 | Triage

Sharing

General

Target

ea7613e624e6330e8ff61e43cb72605e_JaffaCakes118
Size

12KB
MD5

ea7613e624e6330e8ff61e43cb72605e
SHA1

c2df1ea75a02088794c29712a56fa8a3c1c70057
SHA256

918751b64e8dc301b9fad0c8b8ccda9d282094b17d9eef077426fb8fdec47813
SHA512

f6d7049afd3983d7c20f9b11d8dd8af8fc7800a328e8ac5d63c112de57fbd96ae6f061a9249ac36191d71a6a6ab0ee95bc0d652d96b7e920044330c4af47e196
SSDEEP

192:ZjYDV1A5sACz737jtgvRgrmLi3cn/2WeuH+cgA:ZjaXAiAa3PavOrCAcne2+cgA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea7613e624e6330e8ff61e43cb72605e_JaffaCakes118

Files

ea7613e624e6330e8ff61e43cb72605e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c974ebd955dc1d85c77f85e495bb076b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ShowWindow
SetDlgItemTextA
SendMessageA
RegisterClassExA
PostQuitMessage
UpdateWindow
LoadIconA
LoadCursorA
GetMessageA
GetDlgItemTextA
DispatchMessageA
DestroyWindow
DefWindowProcA
MessageBoxA
CreateDialogParamA

kernel32

lstrlenA
lstrcpyA
lstrcatA
WriteFile
SetFilePointer
GetWindowsDirectoryA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetModuleHandleA
GetCurrentDirectoryA
GetCommandLineA
ExitProcess
CreateFileA
CloseHandle

shell32

ShellAboutA

comctl32

InitCommonControls

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ