081db9cfad2704a1b0291b6771275ad3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

081db9cfad2704a1b0291b6771275ad3_JaffaCakes118
Size

134KB
MD5

081db9cfad2704a1b0291b6771275ad3
SHA1

6d2aba178274e6833e6bb5fbe5731b6c334c5bff
SHA256

c5b4ce67b0d02855e8493153b4b4a3da10ca2d97f4749052ebc14cf343ad8570
SHA512

27c732dc67b44791330213b1dba6b2b49b9dd8ac72707a792c5b36d4c1c4049f05695e0f9f9e190f0ea6c8b72214e9853b71cc915e808c9b1a0018f37b240a4c
SSDEEP

3072:jXvDeMpTAi+ne/2lEKkQD4MCngy3YGXNMVE2pp98tt2//7i:jXaGF+eSEvgk9MG2pD/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
081db9cfad2704a1b0291b6771275ad3_JaffaCakes118

Files

081db9cfad2704a1b0291b6771275ad3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4d469ea0b40d05fd439b7e49e1681345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
__getmainargs
exit
__p__fmode
__set_app_type
_exit
_controlfp
_XcptFilter
_initterm
_acmdln
__setusermatherr
_except_handler3
_adjust_fdiv
__p__commode

kernel32

VirtualProtect
HeapAlloc
HeapCreate
GetStartupInfoA
GetModuleHandleA

user32

AnimateWindow
CharNextA
ActivateKeyboardLayout
FindWindowA
GetActiveWindow
GetWindowDC
CharPrevA
BringWindowToTop
CreateWindowExA
GetDC
CharLowerA
CallNextHookEx
AnyPopup
CascadeWindows
CallMsgFilterA
GetForegroundWindow
LoadMenuA
BeginPaint
AdjustWindowRect
CharLowerBuffA
CharNextExA
AppendMenuA
CharPrevExA
ChangeClipboardChain
ArrangeIconicWindows
DialogBoxParamA
AdjustWindowRectEx
GetMenu

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ