07aac9df3f0210d42684f03141f1bbbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07aac9df3f0210d42684f03141f1bbbe_JaffaCakes118
Size

111KB
MD5

07aac9df3f0210d42684f03141f1bbbe
SHA1

e3258ec7017ed89030add51d179dd032d1a3b648
SHA256

7d58d46fe43a267f841dd5c7ca711e684a50aa1865cd1e4149aaf2417652e1f6
SHA512

0044ffb21bd8574d47e7d95ef95df6ed98c0b90fc4d25f99005459a249d687139f15790fbd4da8cc14b2dbb57813a3c6b80099dea469df03c93125b8995f361d
SSDEEP

1536:mqfA35h0D/h1jyPAEdPz+S4qQy2QMgC42K38J/GyvxWgAI0j50f/zTgufOBxAz93:mqfAvQ/LjZoPkQHC4p/YB/z09gN96Dy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07aac9df3f0210d42684f03141f1bbbe_JaffaCakes118

Files

07aac9df3f0210d42684f03141f1bbbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97c1770361601ced061f0fcd8b2d5982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchBlt
SetICMMode
SetRelAbs
ResetDCW
SetDIBColorTable
UpdateColors
SaveDC
TextOutW

shell32

StrRStrIW
SHAppBarMessage

kernel32

ExitProcess
TerminateProcess

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE