12c749fccfdcf0cd890c1afd53cccdd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12c749fccfdcf0cd890c1afd53cccdd8_JaffaCakes118
Size

35KB
MD5

12c749fccfdcf0cd890c1afd53cccdd8
SHA1

310a048e7d176a0139864a60fcb1247506e83c83
SHA256

cf11ead3a735535487e5af0c01d42970c910d377a0195adb4ed2aa6fbeb8e420
SHA512

1bd413bfd90a49cf9c3171ffd86017bdfd721c4a971eb1752e902e1e31b13534a95fcd3f6b9e40634c55f6e689630e200a41f13f40b94b13b0bc9c044a32181f
SSDEEP

768:OtqF4uBg4Rt/MCy43/KE1JYbY/HkzZjU8I/D4qsoZ7D6:OtqFbrRt0Cp3/KKJUzzZkD4/oU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c749fccfdcf0cd890c1afd53cccdd8_JaffaCakes118

Files

12c749fccfdcf0cd890c1afd53cccdd8_JaffaCakes118
.exe windows:6 windows x86 arch:x86

f4928ac7e4d7fe894718bf1569aa038b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

gdi32

GetStockObject

user32

IsWindow

msvcrt

free

ole32

CoUninitialize

oleaut32

VariantInit

uxtheme

SetThemeAppProperties

imm32

ImmEscapeW

msctf

TF_Notify

Sections

.MPRESS1
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE