615af308123f3abe754d69de2162b383_JaffaCakes118 | Triage

Sharing

General

Target

615af308123f3abe754d69de2162b383_JaffaCakes118
Size

148KB
MD5

615af308123f3abe754d69de2162b383
SHA1

412a04a5ca34e217f34a26a0816055b36870314e
SHA256

9d0f8bb5cebd8d1ee8f41ec21a2971ac150c632431d51a4a74fcac23db297422
SHA512

487e057d89cdd6bf8408ad37f05a0cb0c9508ab6284368c09477b86366b591789c2f6eb3153162cb0af301178b0f830f6904512edc3cae7feff743eac2f30971
SSDEEP

3072:d3HRqRIzdRAgjZMIYMiLFqib3eiH8vKELXIu/3Z49zCWH9Y:FHRVxR/ZcLFJbD0KOXIu/itC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
615af308123f3abe754d69de2162b383_JaffaCakes118

Files

615af308123f3abe754d69de2162b383_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3a9d568f5646c6dfd08062788bc8f43a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

QPSWCV.pdb

Imports

kernel32

GetFileTime
GetCommandLineA
IsValidCodePage
GetConsoleSelectionInfo
LocalReAlloc
TlsAlloc
IsThreadAFiber
CreateSemaphoreW
GetLocaleInfoW
GetStringTypeW
InitializeCriticalSectionAndSpinCount
AddAtomW
GetSystemDefaultLangID
GetSystemDefaultLCID

winscard

SCardGetProviderIdW

user32

SetCursorPos
GetSysColorBrush
GetDesktopWindow
DdeAbandonTransaction
IsWindowEnabled
DrawFrameControl
CopyImage
TrackPopupMenuEx
MapWindowPoints
GetUpdatedClipboardFormats
RegisterWindowMessageW
BringWindowToTop
SetThreadDesktop

gdi32

OffsetRgn
GetStretchBltMode
CreateCompatibleBitmap
CreateHatchBrush

crypt32

CertFreeCertificateChain

shlwapi

IsCharSpaceA
StrChrNIW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ