Static task: static1
Behavioral task: behavioral1
Sample: 96a462e5f978902dbbc9ef678c29d7a6_JaffaCakes118.exe
Resource: win7-20240221-en
General
Target: 96a462e5f978902dbbc9ef678c29d7a6_JaffaCakes118
Size: 204KB
MD5: 96a462e5f978902dbbc9ef678c29d7a6
SHA1: f8e3a5addee354188311ebbd572afb062253623f
SHA256: 5f89899fe13b50da5340cc44f5b7d576e3ff04ee3246cef7959ac46a1561619c
SHA512: 4fb1a45b4a2bd49c824573f431b4bfde1831680eccec7a6eedd8d12cbf1f726a5b1443a744314d789b84b52b96dadbcb72a65bc6669d61357338efcf359113d8
SSDEEP: 3072:1JB2nMWYJUAUMZjozQUFMK9M9lkS5jQeQ0NVxXFCRsPPJ8wxsdOqsJ3MBTyv//:sGWFMposUFMrYS3FXaIOOqsJMBmP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 96a462e5f978902dbbc9ef678c29d7a6_JaffaCakes118
Files
96a462e5f978902dbbc9ef678c29d7a6_JaffaCakes118.exe windows:6 windows x86 arch:x86
a600e62fffc01a11b8a01296678c9f4a
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
user32:
  InternalGetWindowText
  DrawMenuBar
  GetWindowTextLengthA
rpcrt4:
  RpcStringFreeA
advapi32:
  QueryUsersOnEncryptedFile
pdh:
  PdhEnumObjectItemsHW
gdi32:
  GetMapMode
  LPtoDP
  SetTextCharacterExtra
oleaut32:
  VarR8FromI4
  VarUI2FromBool
opengl32:
  glMultMatrixd
ole32:
  CoRegisterMessageFilter
kernel32:
  GetModuleHandleA
  GetConsoleWindow
  GetBinaryTypeA
  GetCommandLineA
  GetNamedPipeClientSessionId
  SetConsoleCursorInfo
Sections
.text (Size: 20KB, Virtual size: 23KB):
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.code (Size: 112KB, Virtual size: 109KB):
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_READ
.rsrc (Size: 68KB, Virtual size: 66KB):
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ