aac83167081b7d228931845c006253f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aac83167081b7d228931845c006253f6_JaffaCakes118
Size

204KB
MD5

aac83167081b7d228931845c006253f6
SHA1

9aa9d909930c7f9279fcd223960b5671dd3ef52e
SHA256

7efc8446996e148dcf5b6f490899f588c97cd1140b867098943f6a2b486fcc5a
SHA512

4b54e8c6d11e99c21bf066853e75a4abee949822cdee25e38d9f571e97f09d5d30974055b04fc3d31252d084eba04c736544a54b182555ad37eafceaf9eafe27
SSDEEP

3072:dlX2r1VTrT63z+30fE7IjeHU9DtAZelbHKtfwgs9PPJ8wxsdOqsJ3MBTyv//:/2DrCSRrk5jT9OOqsJMBmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aac83167081b7d228931845c006253f6_JaffaCakes118

Files

aac83167081b7d228931845c006253f6_JaffaCakes118
.exe windows:6 windows x86 arch:x86

76458e3b56572b9885302937a0b2fc83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glMultMatrixd

kernel32

GetNamedPipeClientSessionId
GetCommandLineA
GetBinaryTypeA
GetModuleHandleA
SetConsoleCursorInfo
GetConsoleWindow

rpcrt4

RpcStringFreeA

oleaut32

VarUI2FromBool
VarR8FromI4

user32

InternalGetWindowText
GetWindowTextLengthA
DrawMenuBar

gdi32

LPtoDP
SetTextCharacterExtra
GetMapMode

advapi32

QueryUsersOnEncryptedFile

pdh

PdhEnumObjectItemsHW

ole32

CoRegisterMessageFilter

Sections

.text
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ