eb4b6e385b04fc39dd14aa9d43af84e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb4b6e385b04fc39dd14aa9d43af84e3_JaffaCakes118
Size

18KB
MD5

eb4b6e385b04fc39dd14aa9d43af84e3
SHA1

8c366201340c07a472c9f00748b9c94bdd83513c
SHA256

958aef66e72a82ea5bed17642183aca2273303468867b65de6e524c84918bb7d
SHA512

0ccc7b96dcb2dcb272ec747bdfcb6ec5a7542a425375685a3fe0aad9993e23e285f5b119cb242f9677c7e99a7ed1a0b915da2bc8513a00ee147d96ec6cca95fb
SSDEEP

192:Wdn3F31TpkcVfvcHmNqnvn1GMt/A5kgjUbCfH8WOsdZKBxTRy:WF3F31zKmqn/oqgQbCkWO8KBxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb4b6e385b04fc39dd14aa9d43af84e3_JaffaCakes118

Files

eb4b6e385b04fc39dd14aa9d43af84e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b81fdb40ae1ccb10538bceca185d57d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetTimeFormatA
GetModuleHandleA
HeapCreate
GetTapeStatus
HeapDestroy
InterlockedExchange
GetCurrentProcessId
IsDebuggerPresent
VirtualProtect
GetACP
GetEnvironmentStringsA
CreateHardLinkA
GetLogicalDrives
WaitForSingleObject
GetStdHandle
GetCurrentThread
GetCommConfig
GetProcessVersion
DeleteAtom
LoadLibraryExA

user32

GetParent
SetActiveWindow
GetClassNameA
GetFocus
ShowWindow
ReleaseDC
GetDlgItem
GetWindow
DrawTextA
DragDetect
GetWindowTextLengthA
SetForegroundWindow
FillRect
GetTitleBarInfo
wsprintfA
EndPaint
FrameRect
BeginPaint
GetCursorPos

advapi32

RegFlushKey
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ