eb8a152f92ab54839d02bc42bbfc2407_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb8a152f92ab54839d02bc42bbfc2407_JaffaCakes118
Size

340KB
MD5

eb8a152f92ab54839d02bc42bbfc2407
SHA1

2bf3c2e23d5d94b6ec4b73cb9908ea1f691ec818
SHA256

0750b29d2878cf99918a4db8453e61e00cbaa2c0391c079315daacde769de182
SHA512

13970ac049f440223576a2c1912c00975d4f5400b854b9ec9b228bfd5a526b13f022c35079145697f647894a915a1360ccc518fad0c6b92a7fb85126c45a4712
SSDEEP

6144:XHtQLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/t6OUhzx:SFhgh2R8O+yFqpLh+mhzx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb8a152f92ab54839d02bc42bbfc2407_JaffaCakes118

Files

eb8a152f92ab54839d02bc42bbfc2407_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a9547a63b70ca5aea1f3ea28522a39e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
FreeEnvironmentStringsA
HeapCreate
GetModuleHandleA
CreateFileA
CreateWaitableTimerA
GetStdHandle
GetLastError
FindClose
CloseHandle
CreateEventA
GlobalLock
MapViewOfFile
lstrlenA
LoadLibraryExA
GetConsoleCP
IsBadReadPtr
IsDebuggerPresent
GlobalUnlock
LocalFree

user32

SetFocus
EndDialog
CheckMenuItem
GetMessageA
RedrawWindow
DialogBoxParamA
CreateWindowExA
ClipCursor
IsMenu
GetSubMenu
GetDlgItemTextA
GetDlgItem
GetParent
DrawIconEx

apphelp

SdbCloseDatabase
ApphelpCheckIME
ApphelpCheckRunApp
SdbFindFirstTag
ApphelpShowDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ