070d596bd7c6d73abd88cda20914f257_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

070d596bd7c6d73abd88cda20914f257_JaffaCakes118
Size

638KB
MD5

070d596bd7c6d73abd88cda20914f257
SHA1

2c7ff533f9c56e99178bd81cdc37d72bf99e4d05
SHA256

6d052bce401ddd6dc37d5b2754d2c34b1ce26a40526a09e8bf5f41889180654e
SHA512

dea1a707e52fe8aa9e9bbbd3134145f104343eb128eeb303b16bd430aa0f9b35ec065ea20b2557d51718ada3ed565489df2d57349c00981cad3fb939856e0252
SSDEEP

12288:iECXILnhqp5DSOBNHNEdV2J9XQ6fq70Q6d/crSQUdW1zlXRPccpR7iDlNANC:iKj0DbNySi6S70Q6CrSTAZ1HiraC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
070d596bd7c6d73abd88cda20914f257_JaffaCakes118

Files

070d596bd7c6d73abd88cda20914f257_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bc577783eac9828d418b3defe5eab64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetModuleHandleA
AddAtomA
GetCommandLineA
GetVersion
GlobalUnlock
GetStdHandle
InterlockedExchange
GetTickCount
GetConsoleCP
GetSystemDefaultLangID
HeapReAlloc
VirtualProtect
lstrlenA
WaitForMultipleObjects
GetProfileIntA
HeapCreate
CloseHandle
TlsFree
LoadLibraryExA
WaitForSingleObject

user32

DestroyMenu
CopyRect
CreateCaret
InsertMenuA
MessageBoxA
SetWindowPos
SubtractRect
EnableScrollBar
EqualRect
SetPropA
PaintDesktop
GetKeyState
ModifyMenuA
UpdateWindow
GetDlgItem
DispatchMessageA
PostMessageA
GetMenuStringA
CreateCursor
ShowWindow
GetWindowTextA
DialogBoxParamA
FindWindowA
TranslateMessage
GetKeyboardLayout

msi

MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ