ef6e6b4a7a3ecd5d2eff67b0c5c3f731_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef6e6b4a7a3ecd5d2eff67b0c5c3f731_JaffaCakes118
Size

18KB
MD5

ef6e6b4a7a3ecd5d2eff67b0c5c3f731
SHA1

d026943f2059936f6ede89729f2392616a9dfaa3
SHA256

2e89645116439ee716a73569d5271051d28401cf7bee26a30ebc17099b14bf79
SHA512

50fbf14c08d4cf4de64a55499398c2b9b3f70f530de367191b46d3f14faad547f22809344c5bcea947c4e87564bd925526c072ad0a3abf5cb4889818d5a57045
SSDEEP

384:CvI3cnST6ZPndPV4jNauK8s2CgOS4uYOYhWyizSzM:CvN9ZPnynKZjzEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef6e6b4a7a3ecd5d2eff67b0c5c3f731_JaffaCakes118

Files

ef6e6b4a7a3ecd5d2eff67b0c5c3f731_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aaa00894a8a64890c3bb75ecd661beb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapReAlloc
GetAtomNameA
GetModuleHandleA
GetVersion
GlobalUnlock
GetTickCount
ResetEvent
LoadLibraryExA
CompareFileTime
CloseHandle
InterlockedExchange
HeapWalk
VirtualProtect
TlsFree
lstrlenA
GetProfileIntA
GetConsoleCP
WaitForSingleObject
FindAtomA
SetEvent

user32

ShowWindow
PaintDesktop
GetMenuStringA
DispatchMessageA
CreateCaret
GetWindowTextA
GetMenu
GetSubMenu
GetScrollRange
GetDlgItem
InflateRect
SetWindowPos
CopyRect
GetWindowLongA
EnableScrollBar
SetPropA
SubtractRect
UpdateWindow
DestroyMenu
EqualRect
GetKeyboardLayout
DialogBoxParamA
MessageBoxA
PostQuitMessage
ModifyMenuA
LoadIconA
InsertMenuA
TranslateMessage
PostMessageA

msi

MsiCloseHandle
MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ