5676ca2d0700e54c6fc628ae160b4a44_JaffaCakes118 | Triage

Sharing

General

Target

5676ca2d0700e54c6fc628ae160b4a44_JaffaCakes118
Size

107KB
MD5

5676ca2d0700e54c6fc628ae160b4a44
SHA1

be3402946c5f888ff0987fe3dfd4b332cb0563fe
SHA256

caef4df6797e718c7d975f8b2497a0fc3382e1a1149aac50f66d3ef6391b6eea
SHA512

afe55114bc4a8cf4f565f06a02d44940e3e85c7a6ca9d3c8f9d02d74f30125fd4a4a483b5cce832bbf8ea57f1d857c07de20d2e1faa58411ee468ecb53ac4fd7
SSDEEP

1536:zq+1Pt53cLPV2/Eo1sTW12Qk9NkTEIRmGRjIvQEtE4DYHAhxmO0qspaM:zq+1Pf3cLPV8Eo1rgQ3bYFIEatoGiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5676ca2d0700e54c6fc628ae160b4a44_JaffaCakes118

Files

5676ca2d0700e54c6fc628ae160b4a44_JaffaCakes118
.exe windows:5 windows x86 arch:x86

23f0545fb3118b47e57b62cf2e13ad6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

2.Dpd

Imports

gdi32

GetPaletteEntries
SetGraphicsMode
SelectPalette

advapi32

GetCurrentHwProfileA

oleaut32

GetAltMonthNames

ole32

CoRevokeInitializeSpy

setupapi

SetupFreeSourceListW

clusapi

ClusterResourceCloseEnum

urlmon

CoInternetIsFeatureZoneElevationEnabled

msi

ord30

shlwapi

ord10

user32

GetShellWindow
MessageBoxA
GetMenuItemInfoA
EnumDisplaySettingsW
GetWindowTextA

kernel32

GetModuleHandleA
lstrcmpA
FlsFree
ConvertFiberToThread
GetBinaryTypeA
GetModuleFileNameA
GetLastError
GetNumberOfConsoleInputEvents
FlushConsoleInputBuffer

Sections

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ