7a58e7f8cd91b372af614ffe5db58eca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a58e7f8cd91b372af614ffe5db58eca_JaffaCakes118
Size

400KB
MD5

7a58e7f8cd91b372af614ffe5db58eca
SHA1

8e341ffcfcb4b60b93700996b037c35f0221ec39
SHA256

6b111be3c180de78849b4f1c2d39ee0045695e22d339b50879a769351b1e6b31
SHA512

c89d62ddcc79d0e1a42dc090b3a149483e91f61c9aa9aaa489535dc32462d55d6accc2f55a255c42579c89a78afdd62f271dbcb4aab6c075b8cb70f6a143b5bf
SSDEEP

3072:bQgo+/qo6aiN3HKwkRF9kl+BHpQB8ID0msCJhp4Swm5WXDtVL3d0:2+/qo6f9kRFyl+BJM8ID0pCr/wm5S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a58e7f8cd91b372af614ffe5db58eca_JaffaCakes118

Files

7a58e7f8cd91b372af614ffe5db58eca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ae4a04773f3882a8567173e07a659c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupDiCancelDriverInfoSearch

ole32

CoInvalidateRemoteMachineBindings
CoGetCallerTID

winscard

SCardGetProviderIdA

kernel32

GetStringScripts
EnumSystemGeoID
GetTimeZoneInformation
GetNamedPipeClientProcessId
GetModuleHandleW
SetDefaultCommConfigA
SetConsoleCP
DeleteFileA

rasapi32

RasEnumConnectionsW
RasFreeEapUserIdentityW

oleaut32

VarDateFromI4
VarR4FromR8

user32

GetClassNameA
DdeConnect
GetClipboardOwner
GetMenuItemID
MapVirtualKeyA

gdi32

GetFontLanguageInfo

ws2_32

select

rpcrt4

NdrSimpleStructMarshall
RpcServerUnregisterIfEx

mprapi

MprConfigInterfaceCreate

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ