ea7cba258c046b5be17d9b81d93b6343_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea7cba258c046b5be17d9b81d93b6343_JaffaCakes118
Size

33KB
MD5

ea7cba258c046b5be17d9b81d93b6343
SHA1

beda26d03e27df988e3af8cbd53eb5ef126dc4b2
SHA256

03d63161241ba54991c627f0de69b6e8b5519a15e99f13bd9918431e5d64af90
SHA512

6739af505054d77caa11dc10a6c37b9ba4730eedd62302641032ebac7d45eee99d3d213990d874114a0a5120dafc91ed25c8d4a607a47041bd1a80f615531be6
SSDEEP

384:xbyk4dS2o0APJXccJYoUiG+OUVU8EyqU3bfgWFgqsTer60SgZxFyyKee5gDm6G6M:EkVeWVcwG+o86ExiZY6e5M5D6fLU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea7cba258c046b5be17d9b81d93b6343_JaffaCakes118

Files

ea7cba258c046b5be17d9b81d93b6343_JaffaCakes118
.exe windows:4 windows x86 arch:x86

764e46b4e886fb56ad221fd03be8b7a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdePostAdvise
CascadeWindows
ClientToScreen

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

kernel32

CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetConsoleWindow
GetDateFormatW

Sections

.text
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE