e5e6c7c6b2fb5b8bc0e9d651e8244857_JaffaCakes118 | Triage

Sharing

General

Target

e5e6c7c6b2fb5b8bc0e9d651e8244857_JaffaCakes118
Size

186KB
MD5

e5e6c7c6b2fb5b8bc0e9d651e8244857
SHA1

053950de882c856df15ce17b06becae5c226b05b
SHA256

e8545f0d99dadfa454874d21839fb5b91d4fe5328d8d2b9c5a64a9a550d2135b
SHA512

562b7bbd36d6c34e50f7df55c2ba44286af6872721ad770a23fe11b7eefed4d6f40d6e5975aff28ca2eb35f3428bbeeafb71f528c4e13fbbc46415fe212ac74e
SSDEEP

3072:wMYVMAg7hCrqFduUoyag5Pykppwp8FqciW60GpkL7fsoNy:wDVnIg246b5ay28Fqco0GpknsoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5e6c7c6b2fb5b8bc0e9d651e8244857_JaffaCakes118

Files

e5e6c7c6b2fb5b8bc0e9d651e8244857_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0479f1685951f213612b161b5cfbd49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetLongPathNameW
GetProcAddress
GetModuleFileNameA
InitializeCriticalSection
SetThreadContext
lstrcpynA
LoadLibraryA
MultiByteToWideChar
EnumResourceNamesA
GetVersion
GetFileAttributesA
GetWindowsDirectoryA
ExitProcess
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLocaleInfoA

user32

UnregisterClassA
PtInRect
GetWindowRect
MoveWindow
GetActiveWindow
SetFocus
SetWindowLongA
GetDC
BeginPaint
EndPaint
GetKeyState
GetDlgItem
EqualRect
SetWindowRgn
IntersectRect
DestroyWindow
CharNextA
OffsetRect
ReleaseDC
DefWindowProcA
LoadAcceleratorsA
SetDlgItemTextA
SetParent

clusapi

CloseCluster

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ