e28a73bc2adecb253f3bdb21d5ac12a0_JaffaCakes118 | Triage

Sharing

General

Target

e28a73bc2adecb253f3bdb21d5ac12a0_JaffaCakes118
Size

188KB
MD5

e28a73bc2adecb253f3bdb21d5ac12a0
SHA1

7e1f9261f2575ad90b960e7025ba786735469ad8
SHA256

a58e967d716e66cd2f5610f005f9b0ef0f321382499cfd29329fa9b2c99f1932
SHA512

f37d0308cacb612ca0973ecc01a91cbbf7ecc291bf61b2711bbe224bbe9f4abd34f9eaebc41ad9da7ee511c8102f41b4035ce718ca0fd8ed114eba3f346c7015
SSDEEP

3072:7hy0apPSsn3doKkwOZeFqVSWtmf6DnLUbUZIl+OJ0MFxvAlAUWPlbRnqoOMow0Ee:s9xbNCwtYV4MLg5jJ0MnAa5BRbOst8bB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e28a73bc2adecb253f3bdb21d5ac12a0_JaffaCakes118

Files

e28a73bc2adecb253f3bdb21d5ac12a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19a7a2506f029acaa66f108b5cf758a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

EndPaint
BeginPaint
SetFocus
CallWindowProcA
RegisterClassExA
IsWindow
UnionRect
GetFocus
InvalidateRect
GetParent
GetClientRect
UnregisterClassA
RealGetWindowClassA
IntersectRect
GetKeyState
IsChild
PtInRect
CreateWindowExA

kernel32

CreateFiber
UnhandledExceptionFilter
HeapDestroy
VirtualQuery
VirtualProtect
GetLocaleInfoA
HeapReAlloc
ResumeThread
GetSystemInfo
TerminateProcess
GetCommandLineA
VirtualAlloc
EnumResourceNamesA
ExitProcess
LoadLibraryA
VirtualFree
GetProcAddress
HeapAlloc
SetUnhandledExceptionFilter
GetACP
RtlUnwind
SetThreadPriority
HeapSize
IsProcessorFeaturePresent
InterlockedCompareExchange
WriteFile

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ