ff565d6d409c39e12e9d31869dc8697c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff565d6d409c39e12e9d31869dc8697c_JaffaCakes118
Size

126KB
MD5

ff565d6d409c39e12e9d31869dc8697c
SHA1

ae3f892ffa6ef4b7cb3853078fd9b9c0b1abd0a5
SHA256

8f758e2328e833ea6a5db75fa06a427860f358ab8611656954de3c49bc35e05f
SHA512

0b124720d9a2a64c25e970b0ae4a9150307d0ffcaec2f162900999bc5582cdd8a76cd58f3951876639a1690cc71d551c90d249f13d3cbd60a37ddc314e5c31a1
SSDEEP

3072:ei/eWQ/582z7Jx2a8+e5xoZI/ttY32tf5bXwbbsQlII:vt02a8RxomeWf1gvsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff565d6d409c39e12e9d31869dc8697c_JaffaCakes118

Files

ff565d6d409c39e12e9d31869dc8697c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cb0dd57e52f010921be59dcf0a64bec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExA

oleaut32

SysAllocStringLen
SysReAllocStringLen
SafeArrayCreate
SafeArrayUnaccessData
GetErrorInfo
OleLoadPicture
SysFreeString
SafeArrayPtrOfIndex
SysStringLen

kernel32

GetFullPathNameA
GetFileType
GetFileAttributesA
GetCommandLineA
ExitProcess
ExitThread
IsBadHugeReadPtr
GetLastError
GetFileSize
LoadLibraryA
VirtualAllocEx

gdi32

BitBlt
CreateFontIndirectA
GetObjectA
SetBkMode
CopyEnhMetaFileA
CreateBitmap
RestoreDC
GetTextColor
GetDIBColorTable
GetRgnBox

user32

KillTimer
TranslateMessage
UnhookWindowsHookEx
CreatePopupMenu
UnregisterClassA
GetMenu
GetSysColorBrush

Exports

Exports

_w5mCnPhqZjK
iPqTHB5JHp01@4
vfjDX58uGzmT45
_FjAhGovb3@16

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ