268efb055524769dbff8d2db6699cff2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

268efb055524769dbff8d2db6699cff2_JaffaCakes118
Size

335KB
MD5

268efb055524769dbff8d2db6699cff2
SHA1

14deba82e72e2ab5cb02c00c1ca8da6b25775171
SHA256

4765c7ae5d210377e9e8c0829d88fc4215f90d666108da72db3b76fd3cfe665a
SHA512

f015b40deed11ce94401cad86299949af14cb752b8488533cd9e927383d4419a2ac2da548216e97ae7f3f6aa3fd81a816659e5ffe41af22f2cab5cfde1fc87f7
SSDEEP

6144:NPNvkh6dtbcQraISqHEdkbB79QYeiqvG+6Tm3NI0TgupwPVIju+qVovkAOYJEaU:x2hG1ReItkd67NO6i3NICgFPoMAOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
268efb055524769dbff8d2db6699cff2_JaffaCakes118

Files

268efb055524769dbff8d2db6699cff2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30afe04e50836699293b409fea8d8455

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
FindAtomA
CloseHandle
GetConsoleCP
TlsFree
lstrlenA
GetStdHandle
TlsGetValue
GetAtomNameA
HeapWalk
InterlockedExchange
WaitForSingleObject
HeapReAlloc
LoadLibraryA
GlobalUnlock
VirtualProtect
GetTickCount
GetVersion
CompareFileTime
GetModuleHandleA
GetProfileIntA

user32

PostMessageA
GetMenu
GetWindowTextA
SetPropA
PostQuitMessage
CopyRect
GetKeyboardLayout
PaintDesktop
LoadIconA
TranslateMessage
InflateRect
ModifyMenuA
SetWindowPos
UpdateWindow
DestroyMenu
CreateCaret
InsertMenuA
MessageBoxA
EqualRect
ShowWindow
DialogBoxParamA
GetMenuStringA
SubtractRect
GetDlgItem
GetScrollRange
EnableScrollBar
DispatchMessageA

msi

MsiEnumProductsA
MsiCloseHandle
MsiDoActionA
MsiGetMode
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ