ea98cada0a4c7178a47eeca6dabec8a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea98cada0a4c7178a47eeca6dabec8a5_JaffaCakes118
Size

637KB
MD5

ea98cada0a4c7178a47eeca6dabec8a5
SHA1

41b4263783f88735a972ef81f695b724a7f26354
SHA256

98670bf10e11efc933bc07e56cbba8e9dd92aa2b0452df05635a02054c89653e
SHA512

9a3c787255bdf69316c16f86064e28d5f2a87a31ddba86afa87daeb3ccae26f3c25e3a4df36ad8a10560da34383fe9a718433e2a0f9c3c10f409875eefb3e201
SSDEEP

12288:ItYp+Ju0jthFyxDdeC3yjgtIKDZQx2TcDrksJvWLwqWeb:IkQVNyp3sgAx2TXsJvWLnW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea98cada0a4c7178a47eeca6dabec8a5_JaffaCakes118

Files

ea98cada0a4c7178a47eeca6dabec8a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba967998d2d611861de914af0cdee618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
ResetEvent
SetEvent
GetProfileIntA
HeapWalk
GetModuleHandleA
VirtualProtect
GlobalUnlock
FindAtomA
WaitForSingleObject
GetConsoleCP
GetVersion
GetAtomNameA
lstrlenA
GetTickCount
HeapReAlloc
CloseHandle
LoadLibraryExA
TlsFree
CompareFileTime
GetACP

user32

LoadIconA
EnableScrollBar
GetMenu
GetWindowTextA
TranslateMessage
SetPropA
PaintDesktop
DialogBoxParamA
PostQuitMessage
UpdateWindow
DispatchMessageA
GetMenuStringA
GetScrollRange
PostMessageA
InsertMenuA
InflateRect
GetDlgItem
MessageBoxA
CopyRect
ShowWindow
CreateCaret
ModifyMenuA
GetWindowLongA
GetKeyboardLayout
GetSubMenu
SetWindowPos
SubtractRect
EqualRect
DestroyMenu

msi

MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ