fea7a9ae77c34e1d1bd5b31aab9819c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fea7a9ae77c34e1d1bd5b31aab9819c3_JaffaCakes118
Size

46KB
MD5

fea7a9ae77c34e1d1bd5b31aab9819c3
SHA1

e4d80938a19c8f4c57515f5140be218beffe6ce2
SHA256

cf1512137b480895b596139f939f9a320268dfe42c3ed75824acf5da567a77c1
SHA512

1f06522652b8ccf099ff0a68e530eb0083273bb111539e57aff21dc7bd380cb4f78aed46361267e8322c71f87fb4e22cff1be8700f0a9e02a056f46ecbe6c03b
SSDEEP

768:5oVvWrIJlNd3NXvyk+8h5kTEmw1+bUZ9gc5JFa4I4lAckB/g7em9E09Un:5sv+IzNd3NXvXtko9gc5Xa4I4ickB/gM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fea7a9ae77c34e1d1bd5b31aab9819c3_JaffaCakes118

Files

fea7a9ae77c34e1d1bd5b31aab9819c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7f89b487f1c5e51a504ea13d1124870

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
IsBadReadPtr
IsDebuggerPresent
GetStdHandle
GetFullPathNameA
HeapCreate
LocalUnlock
LoadLibraryExA
LocalLock
CloseHandle
GetLastError
TlsGetValue
FreeEnvironmentStringsA
GetModuleHandleA
FindClose
CreateEventA
GetConsoleCP
CreateFileA
CreateFileMappingA
LocalFree

user32

GetDlgItem
SetFocus
PostMessageA
CreateDialogParamA
ScrollWindow
EndDialog
DefWindowProcA
GetMessageA
DispatchMessageA
GetIconInfo
IsWindow
EmptyClipboard
GetDC
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BEREncFlush
ASN1BERDecBool
ASN1BERDecEoid
ASN1BERDecCheck

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ