6f7c967890fed8817ec58bf6c606ef80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f7c967890fed8817ec58bf6c606ef80_JaffaCakes118
Size

13KB
MD5

6f7c967890fed8817ec58bf6c606ef80
SHA1

0b880c2dfb51c5fad9aa9beb91139e43f3ec7702
SHA256

2cab8267a62a23dff108af15c9eb19a8c64315a97183dbe81349a22c6de36186
SHA512

3cf0b02bd93b18ba3e81762bd0a512ae414b9f8b36a2a97fff58288083a5bb5cb0599308f1672c1dcfb31da6c858eb61d61655992a6d7e262fefae60fbf34176
SSDEEP

192:J7oViq4kZSx84rMPwXpfBJ6oH+zFcn87hT1kqAAbfN8jag/9EzGp+Zjlz1r/Iox1:NtWQpuXkPebSobK/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f7c967890fed8817ec58bf6c606ef80_JaffaCakes118

Files

6f7c967890fed8817ec58bf6c606ef80_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db045995786d179eb45e8f97da651207

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
ReleaseMutex
GetModuleHandleA
CreateFileA
ReleaseSemaphore
LoadLibraryA
CreateEventA
GetProcAddress

user32

CloseWindow

gdi32

SetTextColor
CreateBitmap

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ