03ef0b498ce27682fdc7e1b5ed831d51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03ef0b498ce27682fdc7e1b5ed831d51_JaffaCakes118
Size

312KB
MD5

03ef0b498ce27682fdc7e1b5ed831d51
SHA1

8daf1d5addb43fa4841345bdaabf16188be31b83
SHA256

aa79c4e1dd93d3af6eb3cb6eb827769a3557638818c925f67dfef4318289c99b
SHA512

93409a119a91af82949d86eea46a11996d62270a038976ba080a20a24113d99a6f2538d7cc53001832491c1f2419b002ea3b98125f79190fd29a52fda85ff633
SSDEEP

6144:ozG2kb+Kdt6TGT3kVrKHXRuq/ce2xFaZ8E40xugx+bPeM40SGxS3:REyT0VrKMgDoC8E4+ug0bvvNxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ef0b498ce27682fdc7e1b5ed831d51_JaffaCakes118

Files

03ef0b498ce27682fdc7e1b5ed831d51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd4030b7112db307b09fa5e7095e9021

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
CloseHandle
GetStdHandle
GetVolumePathNameA
GlobalLock
GetUserDefaultLangID
LocalHandle
GetProfileIntA
CreateJobSet
GetProcessHeap
GlobalFree
EnumDateFormatsA
GetProfileStringA
GetModuleHandleA
FindAtomA
GetTapeStatus
VirtualAlloc
GlobalFlags
ExitProcess
CreateMailslotA
GetOEMCP

user32

GetForegroundWindow
ValidateRect
GetDC
DrawEdge
CloseWindow
EndPaint
IsIconic
RegisterClassA
GetClassNameA
BeginPaint
GetParent
GetActiveWindow
GetWindow
GetClassInfoExA
GetFocus
GetWindowTextLengthA
GetWindowTextA
ReleaseDC
ShowWindow

gdi32

GetColorSpace
CreateDCA
CreateDIBitmap
ExtCreatePen
GetCharWidthA

userenv

GetGPOListA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ