6620336a6a602d98076733fe042d154d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6620336a6a602d98076733fe042d154d_JaffaCakes118
Size

1.2MB
MD5

6620336a6a602d98076733fe042d154d
SHA1

8c4163fc85be743836a407a9e262aac40880a92a
SHA256

95f33ec8115346b3cc2206125b265640c9df439275d4694b05de7d61c4c3cedb
SHA512

df94df992bec3b37eb745003b911e9c048036cda3f8237a15200c78096fb9f4c264c3cf1a1c566c6d9bf40f9b6c76c2dbde789ecd9a9cafa6be72b066ef37af8
SSDEEP

6144:VbXa0LFTuJQ3/j3zgZELr1VBNj082BJr3k3xUOVs3DVf81GoyHn7kOpN50IKOOqG:Vu0RTBPjkK/jH2fIGOVoDJLvfOqsUFY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6620336a6a602d98076733fe042d154d_JaffaCakes118

Files

6620336a6a602d98076733fe042d154d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eeb2675e868c3c1cf3a9b68d6e40f93f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wh@##weh.Pdb

Imports

kernel32

GetNLSVersion
GetModuleHandleA
InitializeSListHead
GetSystemRegistryQuota
SetConsoleCursorInfo

opengl32

glEvalMesh1

mscms

UninstallColorProfileW

shlwapi

StrTrimA

ntdll

wcstol

user32

CreateCaret
GetCaretBlinkTime
CallWindowProcA
UserHandleGrantAccess
GetSubMenu

oleaut32

SysStringLen

gdi32

GetTextFaceA
GetWindowExtEx
DeleteObject
AngleArc

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 744KB - Virtual size: 742KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ