eba4eedb0a2a6030072ea317736c9103_JaffaCakes118 | Triage

Sharing

General

Target

eba4eedb0a2a6030072ea317736c9103_JaffaCakes118
Size

20KB
MD5

eba4eedb0a2a6030072ea317736c9103
SHA1

17474d06123cbed141a909dc3ecfb56e83bf0e8c
SHA256

4676436fbe4c1609997d79e3dde40debaac3778b2466713b3dfc1f84a4bdcf3d
SHA512

463d16195484e9f510ba7fab77fba90ffed01afa63709a81e8670c8060bd6d41d3bfde31e04412198a51106efb9f88e7156a2943e5f49d2ee638abbc04e56ec9
SSDEEP

192:69zUx180pu6YR3dBNfH65JsuLOqMkEnZXd/oyLn9CZz6br9fJr6ubhtPkiFkDvX+:2zUvpu6kNPv66TFoi957PkiFk6XJoi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eba4eedb0a2a6030072ea317736c9103_JaffaCakes118

Files

eba4eedb0a2a6030072ea317736c9103_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f06e3e89de57907efc1473a7edb968ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetModuleHandleA
AddAtomA
HeapCreate
GetSystemDefaultLangID
GlobalUnlock
GetConsoleCP
WaitForMultipleObjects
CompareFileTime
GetStdHandle
LoadLibraryA
VirtualProtect
GetTickCount
CloseHandle
HeapReAlloc
GetProfileIntA
lstrlenA
TlsGetValue
WaitForSingleObject
InterlockedExchange
GetVersion

user32

DestroyMenu
DispatchMessageA
PostMessageA
GetWindowTextA
PaintDesktop
GetMenu
ShowWindow
LoadIconA
InflateRect
UpdateWindow
CopyRect
GetDlgItem
DialogBoxParamA
TranslateMessage
EnableScrollBar
CreateCaret
MessageBoxA
GetMenuStringA
EqualRect
InsertMenuA
ModifyMenuA
SetWindowPos
SubtractRect
SetPropA
GetKeyboardLayout

msi

MsiDoActionA
MsiCloseHandle
MsiEnumProductsA
MsiGetMode
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ