06e97910a3b0c0cc9b39dd180534592e_JaffaCakes118 | Triage

Sharing

General

Target

06e97910a3b0c0cc9b39dd180534592e_JaffaCakes118
Size

48KB
MD5

06e97910a3b0c0cc9b39dd180534592e
SHA1

db8295afe382a2de94d0f11b810fc402ee9ffb17
SHA256

5dace3d59328047ee072c250a963070e215ee10e087dae07b6bbb7e867d19a80
SHA512

4215b09c7eef25095c49e91e6bece234cf009a2f2027b4a0243c8b9d7b965753de623a7a91861d892817cdb9b323943de418e4e0e345273ac43a7677d750e036
SSDEEP

768:thsbFwx3FPlSPwF8tLBs5tc6Eq2mMLjHxYEuSIDQuxZx/FAw3Iym6zGskWxemel:tGb6llSP3eaFRmBvA0lTkMe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06e97910a3b0c0cc9b39dd180534592e_JaffaCakes118

Files

06e97910a3b0c0cc9b39dd180534592e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de58260f653cbab18260f314c8148baa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\jirvmltzlo\yebYqqkNobok\pwtpdsgq.pdb

Imports

user32

EnumWindows
ExitWindowsEx
UpdateWindow
CreatePopupMenu
SetWindowTextA
GetMenuItemInfoW
DefWindowProcW
IsDialogMessageW
EnableWindow
CreateAcceleratorTableW
RegisterWindowMessageA
CharToOemBuffA
DialogBoxIndirectParamW
mouse_event
wsprintfA

msvcrt

_controlfp
__set_app_type
__p__fmode
mbstowcs
__p__commode
floor
_amsg_exit
_initterm
_ismbblead
strtok
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

gdi32

SetAbortProc
ExtTextOutA
CreateFontIndirectA
RealizePalette
CreateHatchBrush
SetBitmapBits

shlwapi

StrFormatByteSize64A
StrRChrW

kernel32

FoldStringW
SetLocalTime
GlobalSize
LCMapStringW
IsDBCSLeadByteEx
GlobalAddAtomA

Exports

Exports

?GeometryTranslate@@YGHPADK|U

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE