078495e92ecccd4a3585c92f2aa8d753_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

078495e92ecccd4a3585c92f2aa8d753_JaffaCakes118
Size

40KB
MD5

078495e92ecccd4a3585c92f2aa8d753
SHA1

2c0920435f204d7f44849f9e5439b8f3ad5aca89
SHA256

5738470532b92af1c25b9a9594e532c3c37295244a924b972393389162a139bd
SHA512

0ee0c2ae769061b95052c51953ef55ca108169c906680729f1ac1908d54565825ef3352dcd07fbc2161efb150d4475103b2e89e30b61098e1ab183c0fc002a60
SSDEEP

768:GpyV350wCTTG67uLYMJIfyu6RCbU0YidyYA9V9AoAhI:Gk3fCTy6WI6upbXYLN9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078495e92ecccd4a3585c92f2aa8d753_JaffaCakes118

Files

078495e92ecccd4a3585c92f2aa8d753_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c45c781ce306b9fcd9848a0415be5cb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
DeleteFiber
GetFileInformationByHandle
ReplaceFileA
SetLocalTime
GetExitCodeThread
GetLogicalDrives
CloseProfileUserMapping
AllocateUserPhysicalPages
SetCommMask
LoadLibraryA
EnumSystemLanguageGroupsA
FlushFileBuffers
GetLocaleInfoA
OpenFileMappingW
lstrcmpiA
GetShortPathNameA
EnumResourceLanguagesA
BackupSeek
GetAtomNameA
VirtualFreeEx
SetThreadLocale
EndUpdateResourceW
SetConsoleDisplayMode
ContinueDebugEvent
GetLastError
VirtualLock
MoveFileWithProgressW
ReleaseSemaphore
BeginUpdateResourceA
GetStdHandle
InterlockedDecrement
VirtualProtectEx
GetProcAddress
_hread

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE