908eebd1204642a186abefcc3317e539_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

908eebd1204642a186abefcc3317e539_JaffaCakes118
Size

159KB
MD5

908eebd1204642a186abefcc3317e539
SHA1

42d7ebaa4e2ff8a3af7cb25bd226f84e542c2719
SHA256

43b00d373c18b4e6c408d18e38c207533ca45235a44f20a0b79c67c482972b84
SHA512

2a139a0846ea62fd486ef5191fc5668897beeff3d74e6813834dd50c0c3c3a2592196610e36c83e74ad8e777ed681f5389e98b3646e3774cdca5cfd0d73ec352
SSDEEP

3072:sfxLwCBaZH03311RQmSjDrNI7pNUqHjZc:qHBk0bRYDBkpNUqDZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
908eebd1204642a186abefcc3317e539_JaffaCakes118

Files

908eebd1204642a186abefcc3317e539_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6bf24586464c3e6478189fed63a7c73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

hegwwerherher@@!.pdb

Imports

advapi32

CryptHashSessionKey
RevertToSelf
BuildTrusteeWithObjectsAndSidW

user32

DefMDIChildProcA
SetScrollInfo
EnumWindowStationsW
SetScrollPos
GetCaretBlinkTime

esent

JetMakeKey

kernel32

lstrlenA
GetCommandLineW
GetThreadId

winmm

waveOutGetErrorTextW

rasapi32

RasRenameEntryW

opengl32

glPolygonMode

oleaut32

VarDateFromR4
VarCyCmp
OaBuildVersion

msi

ord29
ord30

gdi32

ArcTo
DeleteColorSpace
GdiGetBatchLimit
OffsetClipRgn

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ