ebc423d5081c5ad18ec1a402f1fa0293_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebc423d5081c5ad18ec1a402f1fa0293_JaffaCakes118
Size

312KB
MD5

ebc423d5081c5ad18ec1a402f1fa0293
SHA1

e243b978b59e76e73f4ae3fe6b2348518f4bb21f
SHA256

4ae5d107afb00f8d0c0a8893b23df415abe98d29c6d37bc1120a2c46376e846a
SHA512

8a04ecc0279443cc3cae92f381730b1db3a9d1dcd6f5165d33adae5b28cb58f7ad19c8da3765435e508fad1f084aaf88468fef5008ae4de90a0cbd6f32a25dc6
SSDEEP

6144:o4WB6ycJpBHIoReOyS4nUrqmiuFFDZhyLl13OUz/8m10h:o4tRsnS4UZiMJZ4BYUZmh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebc423d5081c5ad18ec1a402f1fa0293_JaffaCakes118

Files

ebc423d5081c5ad18ec1a402f1fa0293_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52ba5c99e0c70e584087f81c1636fb76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetEvent
GetModuleHandleA
InterlockedExchange
GetLocaleInfoA
HeapCreate
GetCommandLineA
RaiseException
FlushFileBuffers
FreeEnvironmentStringsA
GetSystemDirectoryA
GetCompressedFileSizeA
GetStdHandle
GetCurrentProcess
GetCurrentThread
VirtualProtect
WriteConsoleA
OpenSemaphoreA
IsDebuggerPresent
GlobalFree
GetACP

user32

FrameRect
IsIconic
ReleaseDC
SetForegroundWindow
SetActiveWindow
GetParent
GetWindowTextLengthA
DrawTextA
BeginPaint
GetWindow
ValidateRgn
GetDlgItem
GetClassNameA
ShowWindow
wsprintfA
EndPaint
FillRect
GetFocus
GetCursorPos

linkinfo

ResolveLinkInfoA
DestroyLinkInfo
GetLinkInfoData
GetCanonicalPathInfoA
IsValidLinkInfo

rtutils

LogEventA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ