rtjheWRJKeyWY@#yhJtrjER.pdb
Static task
static1
Behavioral task
behavioral1
Sample
88ee768ff3f979a69ffc5bdd84a9fa4f_JaffaCakes118.exe
Resource
win7-20240221-en
General
Target: 88ee768ff3f979a69ffc5bdd84a9fa4f_JaffaCakes118
Size: 140KB
MD5: 88ee768ff3f979a69ffc5bdd84a9fa4f
SHA1: 7dea4c59ed3b09bebbcf4857dd5603af3b7a00ca
SHA256: a486d39c7fc2822981d8e58800aabaaa2d21c719f9d19683f9a520f924013405
SHA512: 10ead8facab8bf5589179cfeeb50a324902629f1e456e099c750b0c27a5a507ee92d570e5f0a2c96e5d0557953f40de356de215b1af10fc164f804a168c7ccef
SSDEEP: 1536:kdZyXKbwg77Zdup68K2AaId+3qN88tLyhK0bPM:kdZqKbPxQYTbY3qvLWY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88ee768ff3f979a69ffc5bdd84a9fa4f_JaffaCakes118
Files
88ee768ff3f979a69ffc5bdd84a9fa4f_JaffaCakes118.exe windows:5 windows x86 arch:x86
6fa5ee2103e80ffc07704eaf41da03d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
CryptCreateHash
GetSecurityDescriptorLength
gdi32
DeleteDC
SetPixelV
GetPath
GetBoundsRect
GetTextCharsetInfo
FrameRgn
BeginPath
wintrust
CryptCATAdminCalcHashFromFileHandle
user32
EqualRect
kernel32
DebugBreak
lstrlenA
GetThreadId
FreeConsole
SetThreadUILanguage
lz32
LZSeek
Sections
.text Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 112KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 4KB - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ