ee7b4a9e4d205a1fe0a87ad5e54aba52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee7b4a9e4d205a1fe0a87ad5e54aba52_JaffaCakes118
Size

188KB
MD5

ee7b4a9e4d205a1fe0a87ad5e54aba52
SHA1

391ed994a3a11c15a1c330bb98bd876f9a43cb35
SHA256

de0b2447f7e9058ab3ffa9903220869ee747e990a0d299caa4970aaf08891e7a
SHA512

1c74b1724ef9271d83bf0fb5321f1b990f627262c190db06380aa3ace3876eb143f1eb0309b31e369e07b684ca65a17ca72e91c4a3fbb9245260dab987e5cc14
SSDEEP

3072:h4ZlVeY4Y/vamu11FCIFG8TYCxS/voT48Z4FKrNK8k6C4znqn4sCE4PmD9dSFkkO:huV147mW1FvdwokpzLKw4oPdSFjVka8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee7b4a9e4d205a1fe0a87ad5e54aba52_JaffaCakes118

Files

ee7b4a9e4d205a1fe0a87ad5e54aba52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8018423d15922937336558a31851a959

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

FindFirstFileW
LocalFree
EnumResourceTypesW
SizeofResource
GlobalAddAtomW
CloseHandle
RaiseException
InterlockedExchange
GetCurrentDirectoryW
GetLastError
HeapFree
LoadLibraryA
FindResourceExW
EnumResourceNamesW
FindFirstFileA
GlobalFree
EnumResourceNamesA
EnumResourceLanguagesW
GetCommandLineW
GetModuleHandleW
FormatMessageW
LoadResource
FindNextFileA
GetProcessHeap
LockResource
GetDateFormatA
MultiByteToWideChar
GetProcAddress
HeapAlloc
SetLastError
Sleep

user32

CharNextA
MessageBoxA
wsprintfW
KillTimer
EnumWindows
PeekMessageA
SetTimer
LoadStringA
DispatchMessageA
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
PostThreadMessageA
IsWindowVisible
CharUpperA
wsprintfA

Sections

.text
Size: 100KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ