eab0f5c895f589ddf897bb846e37d719_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eab0f5c895f589ddf897bb846e37d719_JaffaCakes118
Size

88KB
MD5

eab0f5c895f589ddf897bb846e37d719
SHA1

00425db2ec44ca12ab91a15248cc5df58f191f7d
SHA256

188cb60d509b8bc2f7b7714275de096d94c20861279a345d89fc81e6fa85c588
SHA512

2e18dd0b332c019720d3b8053d3fc6d71c892cc6b8416a2ba6e595865347b69c5e3cbd90deb3c776bf011674a93061d4c6d8dfc63a14ec33e35b2a4494b516cc
SSDEEP

1536:GrhhLSrRSbVBv7VWW1oU9s+ePbL4pPH4bdVOAyC3S2GPVHnSffH3IIWBzf:uh+gVnWW172+ePbLAgvOdpSfP3IIWtf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eab0f5c895f589ddf897bb846e37d719_JaffaCakes118

Files

eab0f5c895f589ddf897bb846e37d719_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ebbc4a4ea4ac370bf5574dadabbb68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
GetModuleHandleA
lstrlenA
GetAtomNameA
GetVersion
CompareFileTime
GetConsoleCP
GetCommandLineA
VirtualProtect
HeapCreate
InterlockedExchange
GetStdHandle
CloseHandle
HeapReAlloc
WaitForMultipleObjects
SuspendThread
LoadLibraryExA
GlobalUnlock
GetTickCount
WaitForSingleObject
GetSystemDefaultLangID

user32

GetKeyState
EnableScrollBar
SetPropA
DragObject
CreateMenu
FindWindowA
GetDlgItem
CopyImage
GetCursorInfo
GetKeyboardLayout
DispatchMessageA
FillRect
SetScrollInfo
IsDialogMessage
InvertRect
CreateIcon
SetWindowPos
DialogBoxParamA
InsertMenuA
DestroyMenu
DrawCaption

advapi32

RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ