eea5a06c4d3909c88393946d194d97b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eea5a06c4d3909c88393946d194d97b3_JaffaCakes118
Size

25KB
MD5

eea5a06c4d3909c88393946d194d97b3
SHA1

a646adefaef253364e57f8377e95b017794fb46f
SHA256

3f2b96bfafaad3ead99771b927aeb0132bac559738398c999c0c4862ae88d84f
SHA512

996d5d43e6be9990db399385aca986f7b9aa7f90122cdf066804cc7e5d1d5c018b48ae02dd3df786f400da28e5bce1fbd0f598cac293c7b1ccd5307978c3c658
SSDEEP

768:udBlI5irkbu7NCSqOabxxKXeWcVrvmFzYlc2pL:tC7NCwav4qlPN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eea5a06c4d3909c88393946d194d97b3_JaffaCakes118

Files

eea5a06c4d3909c88393946d194d97b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f31f27a6afe52d8baf88640d0b8f126

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
FindClose
GlobalUnlock
LocalFree
GetSystemTime
IsBadReadPtr
GetModuleHandleA
GlobalLock
LoadLibraryExW
GetACP
VirtualProtectEx
CloseHandle
GetStdHandle
CreateMutexA
GetCPInfo
GetConsoleTitleW
CancelIo
FreeConsole
CreateEventA
GetLastError

user32

GetMessageA
DialogBoxParamA
LoadCursorA
IsIconic
GetDlgItemTextA
GetParent
ClipCursor
GetKeyState
IsMenu
GetMessageA
GetSubMenu
CreateWindowExA
EndDialog
MessageBoxA

clbcatq

GetCatalogObject
ComPlusMigrate
SetupSave
GetComputerObject
CheckMemoryGates

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ