f9bc8cac9357c61baee9b9033092b2b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9bc8cac9357c61baee9b9033092b2b4_JaffaCakes118
Size

181KB
MD5

f9bc8cac9357c61baee9b9033092b2b4
SHA1

b7953dec774e924cdeb36d6b9c2a40c508514686
SHA256

91ca8dc5b22a839393c53d996661e06f58d772e3601c8a53e7535226e93fdd48
SHA512

e3e2162f71bb92f53c5671fc85543ce5396616de878a6a475ac30d7033b71537f80efdadcc0a007419eeb5b29abf41d784ee6da09f01b9f911ccd48f961cb59f
SSDEEP

3072:qeaQ7OhLMyCkyUjixo7bIANF2wJzcLlr02+9edM7shg22YpgW:q7BpM3kzhxz79edLh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9bc8cac9357c61baee9b9033092b2b4_JaffaCakes118

Files

f9bc8cac9357c61baee9b9033092b2b4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

880da12b6e40cac482b98380c3b4f4e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\mORxcu\xWtkKRuV\xfOhnm\WdAAzn\qxnac.pdb

Imports

user32

PostMessageA
GetScrollRange
RegisterClassExW
SetWindowPos
LoadMenuA
DeleteMenu
GetWindowLongA
GetSystemMenu
GetWindow
OpenIcon
DrawTextW
GetSystemMetrics
GetScrollPos
wsprintfW

gdi32

SetBkMode
GetLayout
SetBrushOrgEx
PtInRegion
CreateDIBSection
DPtoLP
StartPage
SetMapMode
Polygon

kernel32

OpenFileMappingW
TlsGetValue
SearchPathW
GetProcAddress
GetStartupInfoW
lstrcmpiW
LoadLibraryW
CompareStringW
AreFileApisANSI
ResumeThread
GetStdHandle
IsBadReadPtr

Exports

Exports

?sLkJoWj@@YGXPAGPAD@Z
?uKusduriductevNwla@@YGJPAJ@Z
?vurFuwIp@@YGPAHPAIPAK@Z

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ