0124fc853eecc26e08e1534a5a29b989_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0124fc853eecc26e08e1534a5a29b989_JaffaCakes118
Size

49KB
MD5

0124fc853eecc26e08e1534a5a29b989
SHA1

bd58708c635c130c475baf65a8ed8568549befa9
SHA256

00aa723634c8a5cc2882c93797f10f2031390faedcbce308365b475ef3dee514
SHA512

4da820ef1f031c78ba3a219a293f1d2916daa92ae30678284b17bad9586fc267f0cdb50c9ed55734f5878c03de52283a94365c6c2eb6ea82ee947b06e04d3224
SSDEEP

1536:Qp3oFAEddAYs2TDoWzJD/JhFplKcy/i3EFV6:QhoZdAuIwLTC/6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0124fc853eecc26e08e1534a5a29b989_JaffaCakes118

Files

0124fc853eecc26e08e1534a5a29b989_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c407987f7240b61a2fecad937b5a04a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExA
OpenMutexA
GetCurrencyFormatA
CopyFileExA
GetStringTypeExW
CreateHardLinkA
GetCommandLineW
EnumResourceNamesW
BuildCommDCBW
LCMapStringA
WritePrivateProfileSectionA

user32

GetClassNameW
IMPGetIMEA
DispatchMessageW
CharToOemA
InsertMenuA
LoadCursorFromFileA
SetWindowTextA

gdi32

TextOutA
GetCharWidthFloatA
GetCharacterPlacementA
RemoveFontResourceW
DeviceCapabilitiesExA
GetTextExtentPointA

Sections

.code
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ