047a8bda867a400a897dd5f313b6499b_JaffaCakes118 | Triage

Sharing

General

Target

047a8bda867a400a897dd5f313b6499b_JaffaCakes118
Size

388KB
MD5

047a8bda867a400a897dd5f313b6499b
SHA1

b819dcd9fa6ee5c81052c81cc90fb6148a2ccfe0
SHA256

30b1a5f8a96e68a448c670ae08be464b5b094f58cb9fab7be3b3918c560cb907
SHA512

8e0e80eacc181c3a8b514f3bcfd64c5f48776e68e6082f335c667ae4de56527f1b8cb8e82cf49524163b05b546689d4786bf59dd58fdc3d0e1bed5fa91e62544
SSDEEP

6144:pq/+ep82m8Anc7amzdxyQEf5d+vheNaENwg6DutB4aeqq/SDrdmmklBnsz+uYx:pz6MAamJxof5EheN9wg6NaeqUS0pmzox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047a8bda867a400a897dd5f313b6499b_JaffaCakes118

Files

047a8bda867a400a897dd5f313b6499b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a843ea261c71021afc041178b8afdb51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdiplus

GdipGetPropertyItemSize

user32

GetMessageA

gdi32

CreateCompatibleBitmap

ole32

CoTaskMemRealloc

oleaut32

VarBstrFromDate

comctl32

_TrackMouseEvent

wintrust

WintrustGetRegPolicyFlags

crypt32

CryptMsgClose

rpcrt4

UuidCreate

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 342KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE