HO_ivtx_Is_Rw.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7f87cb281d793f9987c17e45808ba0ac_JaffaCakes118.exe
Resource
win7-20240221-en
General
Target
7f87cb281d793f9987c17e45808ba0ac_JaffaCakes118
Size
148KB
MD5
7f87cb281d793f9987c17e45808ba0ac
SHA1
315d3a5ffc2aa5e473ff1de9020a0042c83ef84d
SHA256
4233217a7a1d95dad6a948d0aacbaaa850a3b2d7c169d4f5015e82289d0d187d
SHA512
c527ab7ca155a0202a331b49c9d432a5fbcdb932e8e78b94b5602962e9fbc97f9455f714cefbe0ecad2e50abca5f84b397c9915f70ae2a1958ab305336fc5dc9
SSDEEP
1536:keseBprOoMwI4hU68TkgAqW2FTIzxiiIxwI8tMAPoSKkTR96OtTeTWzplA:KGvMwIc8vA+ld3elyK96ueT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7f87cb281d793f9987c17e45808ba0ac_JaffaCakes118
Files
7f87cb281d793f9987c17e45808ba0ac_JaffaCakes118.exe windows:5 windows x86 arch:x86
3527f7f1cf2e4cd056a43881979f3733
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
GetClipBox
SetICMMode
SelectObject
shlwapi
PathRemoveBackslashA
pdh
PdhGetFormattedCounterValue
wintrust
OpenPersonalTrustDBDialog
user32
GetMenuInfo
KillTimer
IsClipboardFormatAvailable
GetMenuState
SetMenu
oleaut32
VectorFromBstr
kernel32
DeleteAtom
SetConsoleActiveScreenBuffer
GetFileSize
SetPriorityClass
Thread32Next
LocalLock
WaitForDebugEvent
GetConsoleOutputCP
GetConsoleFontSize
GetLocaleInfoEx
GetCommandLineA
DeactivateActCtx
EnumSystemGeoID
winscard
SCardStatusW
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 80KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ