eb069d5d85fe6da9ede0738af2dff78e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb069d5d85fe6da9ede0738af2dff78e_JaffaCakes118
Size

15KB
MD5

eb069d5d85fe6da9ede0738af2dff78e
SHA1

fe5ea0ed9bc8bb67d225075bf03c85f5e3e57299
SHA256

21e8d54fe488e3ca610709682c3c649f02113082e22ec44956c398244536da86
SHA512

f84388f22f7e97d5536fd11d5aa35ab85943e1c62ce0075c98a8568749dca86a798a0a56bd2552df9536e03587b33c82024d3e5c012843779d7105ef8cc719bc
SSDEEP

192:tGcxVQrWF1OKNc3zBGaclMekV376zbkaiX8Pq2xOG:tGVcOKGBGacqekV30bkaiMPqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb069d5d85fe6da9ede0738af2dff78e_JaffaCakes118

Files

eb069d5d85fe6da9ede0738af2dff78e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9b972b9eebd4d0d19d973dcf1139a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetThreadLocale
SwitchToThread
GetDriveTypeA
lstrcpyA
IsDBCSLeadByte
TlsFree
VirtualAlloc
lstrcatA
CreateHardLinkW
TlsGetValue
GetCommandLineA
GetOEMCP
TlsAlloc
GetFileAttributesW
GetModuleFileNameA
GetModuleHandleW
GetCurrentThreadId
GetSystemDefaultLCID
GetUserDefaultLCID
DeleteFileA

user32

GetWindow
GetWindowTextA
GetWindowTextLengthA
GetClassInfoExA
CloseWindow
GetWindowLongA
GetSystemMetrics
GetFocus
ValidateRect
ReleaseDC
RegisterClassA
IsWindowVisible
ShowWindow
GetForegroundWindow
GetActiveWindow
GetDC
GetWindowDC
IsIconic
UpdateWindow

psapi

GetModuleInformation
GetMappedFileNameA
GetModuleBaseNameA
EnumPageFilesA
EmptyWorkingSet
GetWsChanges

uxtheme

GetThemeBool
GetThemeColor
GetThemeInt
GetThemeFont

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ