538ea16f867e4902b1590d80ccd861e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

538ea16f867e4902b1590d80ccd861e3_JaffaCakes118
Size

813KB
MD5

538ea16f867e4902b1590d80ccd861e3
SHA1

eb8992a65206fe512c896547eec5fdaef8544ef2
SHA256

151a40f4eaf7722b8f03b8c4e84b132a70ca91d15408c37a61a22728d20651bf
SHA512

9e972cf9f48764fb7c6dae97864dea225103e9fb73d486913e6f42ff6295477378e3f859bb6add7b8f80b8c19fbdbbb8911e263464e5a272eda2bd1d4274a8f2
SSDEEP

24576:UVWuW83glDO/8oPnGPKQRfQ0ucDnDmRUJEVe+SsAE/:/1btrP9RIaHmaWY+Sg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538ea16f867e4902b1590d80ccd861e3_JaffaCakes118

Files

538ea16f867e4902b1590d80ccd861e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

beb57e8b51ab1b3c3559b36377d92c2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
IsBadReadPtr
CreateFileMappingA
LoadLibraryExA
GetLastError
TlsGetValue
LocalUnlock
CreateEventA
GetStdHandle
IsDebuggerPresent
GetFullPathNameA
GetModuleHandleA
HeapCreate
CreateFileA
FreeEnvironmentStringsA
FindClose
CloseHandle
LocalFree
GetConsoleCP
GetACP

user32

EmptyClipboard
EndDialog
DefWindowProcA
ScrollWindow
GetIconInfo
GetDlgItem
CreateDialogParamA
GetMessageA
PostMessageA
GetDC
SetFocus
DispatchMessageA
IsWindow
DrawIconEx

msasn1

ASN1BERDecCheck
ASN1BERDecEoid
ASN1BEREncFlush
ASN1BERDecBool
ASN1BEREncLength

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ