ee7b669ae525ba2bcec1d598394c96b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee7b669ae525ba2bcec1d598394c96b4_JaffaCakes118
Size

137KB
MD5

ee7b669ae525ba2bcec1d598394c96b4
SHA1

4652776f02559e9d4c554ac8d7d07f5143e2a335
SHA256

7bf8b83707a2cab4951864675ddb51c5866fc0ab6426264bbf0914ba67238e35
SHA512

9e3292a7eaaaacde2f30dc468399a675fae9762b6312a6321ceb0487178eed93ccdb86dac3ca7e6436b06dafc9e3e3adf688881205010cdc2f5efaced32c06d3
SSDEEP

3072:mv4LXjSZ28qUn0LCzIGSjCdOJrZeUsGpwOgauPYWdW1:44LzEHn0LCUZj1hphiOg1wX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee7b669ae525ba2bcec1d598394c96b4_JaffaCakes118

Files

ee7b669ae525ba2bcec1d598394c96b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c4ac678ba282fe88326373ae314b569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateFileA
DeleteFileA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStringTypeW
GetTimeZoneInformation
IsDebuggerPresent
LoadLibraryA
LockResource
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
lstrcmpiA

user32

CallWindowProcA
GetCursorPos
IsWindowVisible
MapWindowPoints
SetFocus
SetTimer

gdi32

CreateBrushIndirect
CreateCompatibleBitmap
CreateDIBSection
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
GetPixel
LineTo
MoveToEx
SetBkColor
UnrealizeObject

shell32

ExtractAssociatedIconW
ExtractIconExA
FindExecutableW
SHGetDesktopFolder
SHGetFileInfo
SHGetFileInfoA

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ