Static task: static1
Behavioral task: behavioral1
Sample: 29eed71217fc66d3bcd75b8202af777e_JaffaCakes118.exe
Resource: win7-20240508-en
General
Target: 29eed71217fc66d3bcd75b8202af777e_JaffaCakes118
Size: 152KB
MD5: 29eed71217fc66d3bcd75b8202af777e
SHA1: 0d5a86f0a9fb98d8879a8af25e76068888730dea
SHA256: 72eae553a21fb486828103df5227dea51a4c044eb66dbf12f067eb2d7dcb0be1
SHA512: 70a678deb0dd28431195f0efd4a8d2e22b4883541afd9f762b4ea48d05fbfc85d9a0ff29beb8c4aa6bd2edb2e914674461c40fd89d88dd5529d8e6b20485ea86
SSDEEP: 3072:TvRY0sXCxqw3JMVZ+R/rPJbMZ4eFy3Yfgcw:TqRXbwiYrP24eFXfgP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29eed71217fc66d3bcd75b8202af777e_JaffaCakes118
Files
29eed71217fc66d3bcd75b8202af777e_JaffaCakes118.exe windows:6 windows x86 arch:x86
0d553ac2168f5256b5db27772967424d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
pdh
PdhEnumObjectItemsHW
rpcrt4
RpcStringFreeA
ole32
CoRegisterMessageFilter
kernel32
GetConsoleCP
SetConsoleCursorInfo
GetConsoleWindow
GetModuleHandleA
FreeConsole
GetBinaryTypeA
GetConsoleOutputCP
gdi32
LPtoDP
SetTextCharacterExtra
advapi32
QueryUsersOnEncryptedFile
oleaut32
VarR8FromI4
VarUI2FromBool
user32
InternalGetWindowText
DrawMenuBar
GetWindowTextLengthA
opengl32
glMultMatrixd
Sections
.text Size: 140KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ