e1e6cf942e867ee65c66c913751ad5e4_JaffaCakes118 | Triage

Sharing

General

Target

e1e6cf942e867ee65c66c913751ad5e4_JaffaCakes118
Size

162KB
MD5

e1e6cf942e867ee65c66c913751ad5e4
SHA1

092bdcb476d572875a1097c7c2e9d373cda81e56
SHA256

cd9dd49d3c6c31b71fb3d635498f65065d18adb2da2164bfadfdfa7fb3d7030c
SHA512

4a7d623538f71e8bd5521309acfcc12a7a962c51b6d724973af59215b1452e857fd0289b2fcd0a916ea4868b5417f3a8c2e5ffa19edfae801ec6b99e4f5a5b7c
SSDEEP

3072:wqmPFc2RTgZZ1uhpT5SX6wO3YqxdTcs33nLvKNDNSirly:xmPFc2RTWs/BSqfTcsLv2Si8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1e6cf942e867ee65c66c913751ad5e4_JaffaCakes118

Files

e1e6cf942e867ee65c66c913751ad5e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92805d53a565a2e55955549857d9a4c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
RegisterClassExW
MessageBoxW
GetWindowInfo
LoadCursorW
CreateWindowExW
GetUpdateRgn
EndDialog

kernel32

PrivMoveFileIdentityW
CreateMutexA
GetModuleFileNameW
ReleaseMutex
CreateEventA
GetFileAttributesW
LoadLibraryW
CreateFileW
GetProcAddress
LoadLibraryExW
DeleteAtom
DuplicateHandle
OpenProcess
VirtualFree
GetProcessId
lstrcpynW
GetStdHandle
AddAtomW
CloseHandle
EnumResourceTypesA
CreateFileMappingA
LoadLibraryA
UnmapViewOfFile
OutputDebugStringW
SystemTimeToFileTime
ExitProcess
MoveFileW
WriteFile
MapViewOfFile
ProcessIdToSessionId
GetFileAttributesA
CreateDirectoryW
WaitForSingleObject
VirtualAlloc
SetEvent
GetSystemTime
GetUserDefaultUILanguage
FindAtomW

oleacc

LresultFromObject

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ