Static task
static1
Behavioral task
behavioral1
Sample
12b37c441eee213af047f180ebb181d1_JaffaCakes118.exe
Resource
win7-20240215-en
General
-
Target
12b37c441eee213af047f180ebb181d1_JaffaCakes118
-
Size
455KB
-
MD5
12b37c441eee213af047f180ebb181d1
-
SHA1
b557e7a67f30c656887c71ee76f6c41a0bca8b10
-
SHA256
3db236ca9a611d3437fb14ad8cc7dcb7adf76fa23f031587961ddd55edb44d3d
-
SHA512
bc90960f1c33daca9645cad2879cfefd7c48b3150c3c2437788897a3296d3dbfda1e3c2a3fa16a51669985e0e5d1a0096ad367c1e3a0ce90e37a0e48c9e6d479
-
SSDEEP
3072:JlZ3gEthJ6E4hdjhUTaGSSMo4mDCtvOgLm5gHYevKwsw4Ymr1vZLsVZWdy+gfq1V:2HDFsjYovB+0gfqAf3lO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
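Checks for a missing Authenticode signature: the PE file is unsigned, so its publisher and integrity cannot be verified from a certificate. On its own this is a weak indicator, since many benign binaries are also unsigned.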
resource 12b37c441eee213af047f180ebb181d1_JaffaCakes118
Files
-
12b37c441eee213af047f180ebb181d1_JaffaCakes118.exe windows:5 windows x86 arch:x86
b01c672ebbe2ea4625a77b6fbd30bf1d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
VarCyMulI8
user32
GetCursorInfo
DdeDisconnectList
TrackPopupMenu
wininet
InternetAutodial
secur32
InitializeSecurityContextW
shlwapi
StrChrNW
ntdll
memset
towupper
kernel32
GetModuleHandleW
GetCalendarInfoEx
Wow64SetThreadContext
IsSystemResumeAutomatic
GetLargestConsoleWindowSize
advapi32
GetSidSubAuthorityCount
Sections
.text Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
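.idata Size: 361KB - Virtual size: 360KB (this section makes up most of the 455KB file yet the import list above is short; it may hold data other than import tables, such as an embedded or packed payload — confirm with an entropy check before drawing conclusions)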
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ