e07e755233bfca77d17d2044af6c512b_JaffaCakes118 | Triage

Sharing

General

Target

e07e755233bfca77d17d2044af6c512b_JaffaCakes118
Size

205KB
MD5

e07e755233bfca77d17d2044af6c512b
SHA1

84313b519bc7fb1723b0ebd70851c3212b4456ea
SHA256

0eb9f7473f5cacc2a2180166e0d790648ae92c04e1d6ab6d9faea26a9540516f
SHA512

3d8b43ce5ee3738ae887d8d03a5697a4f735204d4573831a39a131560adad82e9a42522ed82c26dc825dee28db8138852972ebd01a39c5a5561829210d7ee5fe
SSDEEP

3072:y6kBHbpmyAZeXPjMZlIGmJaPovQj1JNu0czvb59jh/R0X95YhNhGj7tXPKzgy1Ml:+t9AMKIGYaPovQjJ6J2zcNhiXPagyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e07e755233bfca77d17d2044af6c512b_JaffaCakes118

Files

e07e755233bfca77d17d2044af6c512b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12e4a58742364f833af5bf9e784d7a82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiber
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
VirtualFree
TerminateProcess
ResumeThread
UnhandledExceptionFilter
GetProcAddress
GetCommandLineA
VirtualQuery
EnumResourceNamesA
GetSystemInfo
HeapSize
HeapAlloc
InterlockedCompareExchange
SetUnhandledExceptionFilter
SetThreadPriority
VirtualProtect
RtlUnwind
LoadLibraryA
GetACP
HeapDestroy
IsProcessorFeaturePresent
ExitProcess
WriteFile

user32

SetFocus
RealGetWindowClassA
IntersectRect
BeginPaint
PtInRect
UnregisterClassA
GetFocus
EndPaint
UnionRect
GetParent
IsChild
IsWindow
GetKeyState
GetClientRect
CallWindowProcA
InvalidateRect
RegisterClassExA
CreateWindowExA

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ