11b2e0f27c21bf5c0bd689d76211378f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11b2e0f27c21bf5c0bd689d76211378f_JaffaCakes118
Size

293KB
MD5

11b2e0f27c21bf5c0bd689d76211378f
SHA1

d32adaafaeba53a955db613a32b6a264cea8695e
SHA256

a20960768338e718935229d45f526ae6a6c4b3eea2ac688d302229ac9009c9e7
SHA512

c8a3155243838975283713f7b8a524a79d08463c022fdb3e9b4b0872360eabb4ce43c45b6f90cf5fc00dc4035aa997290719b05b50f5c9529961dc10a75b90a4
SSDEEP

6144:eannlZZSk5qHXchRnlJB8xEKKngCE0LUZXlAaAumsV:RnnlIH8pf0AngCE0LEXlLAuvV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b2e0f27c21bf5c0bd689d76211378f_JaffaCakes118

Files

11b2e0f27c21bf5c0bd689d76211378f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56a2c65ef7212da8aa36ab4c9150b77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
LoadLibraryA
InterlockedExchange
GetStdHandle
CloseHandle
GetModuleHandleA
GlobalUnlock
lstrlenA
GetVersion
FindAtomA
GetACP
TlsFree
GetConsoleCP
CompareFileTime
GetTickCount
GetProfileIntA
WaitForSingleObject
HeapReAlloc
VirtualProtect
TlsGetValue
HeapWalk

user32

InflateRect
TranslateMessage
CopyRect
GetWindowTextA
GetKeyboardLayout
GetMenu
LoadIconA
ModifyMenuA
EnableScrollBar
SetWindowPos
GetDlgItem
PostMessageA
MessageBoxA
DialogBoxParamA
InsertMenuA
GetScrollRange
PaintDesktop
SetPropA
SubtractRect
DestroyMenu
CreateCaret
ShowWindow
EqualRect
DispatchMessageA
UpdateWindow
GetMenuStringA
PostQuitMessage

msi

MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ