eb6e9654185ff9039aa2ba87cadfe45b_JaffaCakes118 | Triage

Sharing

General

Target

eb6e9654185ff9039aa2ba87cadfe45b_JaffaCakes118
Size

93KB
MD5

eb6e9654185ff9039aa2ba87cadfe45b
SHA1

3b556b229f6e17fcadf72878f5e17f5e9317fc57
SHA256

c0926e4e4ff7f5fd74a24479b39906b45ec2161f459ae33bf3c83dc8beb62d80
SHA512

fdf63ab37f3e508a560a6a2708ed224375ee50ff37f628034d85810f0b8093e588f9ccdc92e19972378d7d3f3c0743092cb4045fdd759e010144bcc64766b65e
SSDEEP

1536:k+fmtqAe/HQ6e1hqtrXlGXt/WpJ9YtSLgH63nqVTgeWfJAhrytOwhxulOsT:k+qqAoHQb3qtrXlGXtILBqVTtgJu+hMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb6e9654185ff9039aa2ba87cadfe45b_JaffaCakes118

Files

eb6e9654185ff9039aa2ba87cadfe45b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21e0181adaa7dac4f38eb27da563a670

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
IsDlgButtonChecked
CheckDlgButton
SetWindowTextA
BeginPaint
EnableScrollBar
GetClipboardViewer
EndPaint
LoadIconA
LoadCursorA
RegisterClassExA
GetWindowLongA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage

gdi32

SetMapMode
CreateEllipticRgn
CreatePatternBrush
GetStockObject
CreatePen
DeleteObject
SetBkMode

ole32

CoGetCallerTID
CoUnmarshalHresult
CoWaitForMultipleHandles
CoIsOle1Class
OleSetContainedObject
CoGetTreatAsClass
StgIsStorageFile

kernel32

GetFileAttributesExA
InterlockedExchange
InitializeCriticalSection
GetEnvironmentStrings
GetACP
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapCreate
QueryPerformanceFrequency
GetModuleHandleA
HeapDestroy
HeapFree
DeleteCriticalSection
LeaveCriticalSection
GetLastError
EnterCriticalSection

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE