ee7a0d2340f0f27f1c58263fb4f7e3b6_JaffaCakes118 | Triage

Sharing

General

Target

ee7a0d2340f0f27f1c58263fb4f7e3b6_JaffaCakes118
Size

172KB
MD5

ee7a0d2340f0f27f1c58263fb4f7e3b6
SHA1

fab2a4827b5537ebce1e0ebdfd43577d72eef10f
SHA256

c5fa001985e9b7edaa623a1b3d76ef7febf0630ef35a61e7793886b509e212bf
SHA512

7ac45688cb129fcc4604003a12e61a1c333dc9ed64e1d28d9659596c50d1a10c7a28d1ccce6dbad2624e0e7e695fb4f7975173aa9f3d41ce47c193d50fa12595
SSDEEP

3072:tbUxRas0poVY24brfABzPny/J+9St1K8gRWIxch0MutWvAOL8GbNcoNhylyGxMph:dUR0pJ2bPnuc1UieEWvAOIcSo7pEKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee7a0d2340f0f27f1c58263fb4f7e3b6_JaffaCakes118

Files

ee7a0d2340f0f27f1c58263fb4f7e3b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d7e36e83a56c4e8559dfeac6b73ff63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntW
GetBinaryTypeA
GlobalAddAtomA
ReadFileScatter
SetCommConfig
LoadLibraryExA
ScrollConsoleScreenBufferW
GetEnvironmentStrings
SystemTimeToFileTime
GetAtomNameA
GetNumberFormatW
GetEnvironmentVariableW
GetProfileSectionA

user32

CharLowerBuffW
EnumWindows
DdeEnableCallback
SendNotifyMessageA
wvsprintfW
LoadCursorFromFileW
GrayStringA

gdi32

GetOutlineTextMetricsW
PolyPolygon

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE