077ebe9f398a439d737573da50aad7c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

077ebe9f398a439d737573da50aad7c8_JaffaCakes118
Size

636KB
MD5

077ebe9f398a439d737573da50aad7c8
SHA1

f544611e6254b650566b119b73c545aa51a0f2ab
SHA256

e7366fae8d45fcf05703f73123d38da7f9b8b0786a93fe453f6294ce832734c1
SHA512

cc7e199cf2746e848ff93fb8226b784d8f4bf226c8ffd9ec6d59f2c0a2445de41023405161d3e4949ddbc9c490fd268ba56e16caa93f3d86b54c5e60d15c3b5d
SSDEEP

12288:9RlWX70ib+Fg8kX44OVARiM09L7qssFxmbEBD8+BXljfr+u:9Ruwib+u8kX44eARifLWssHoObBXljS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
077ebe9f398a439d737573da50aad7c8_JaffaCakes118

Files

077ebe9f398a439d737573da50aad7c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d2eaf1c0fb360a443f41182e5f269c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualProtect
GetConsoleCP
GetStdHandle
HeapReAlloc
WaitForSingleObject
WaitForMultipleObjects
GetModuleHandleA
GetAtomNameA
GetVersion
lstrlenA
LoadLibraryExA
CompareFileTime
CloseHandle
GetSystemDefaultLangID
GetCommandLineA
SuspendThread
GlobalUnlock
GetTickCount
InterlockedExchange
SetConsoleCP

gdi32

EngLineTo
GetStringBitmapA
CreateICA
EndPath
GetMetaRgn
GetFontData
Escape
DeleteDC
CreateFontA
Ellipse
CreatePalette
DeleteObject
GdiFlush
AbortPath
EqualRgn
GetTextColor
GetMetaFileA
FloodFill
BeginPath
GetRgnBox

winmm

PlaySoundA
CloseDriver
auxSetVolume
OpenDriver
auxGetVolume

secur32

AddCredentialsA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ