082c0fdd60c4596c86c46a356d5f7cc9_JaffaCakes118 | Triage

Sharing

General

Target

082c0fdd60c4596c86c46a356d5f7cc9_JaffaCakes118
Size

812KB
MD5

082c0fdd60c4596c86c46a356d5f7cc9
SHA1

67d284d3f753d31d2e13941e6bd36a9ed4a846a4
SHA256

4765889b005fe641d8b506645be309d56bb8ec2d1decba3a190d9402b7a4a061
SHA512

e93addf906e6475beed34e55af5dc0bf6aa76a15be6bcc3cd0f549ee4a5913fc2edc531688401e2b1f863fe62763bbdddad45559ca370831959a3ebf1bb75494
SSDEEP

12288:RPU9DI8AC4ZsAtzCnJ/b9Qn/ihn+t2bLRaLxB6tuIBzU98/tNeVul:RP/8D4m0G96n/7tqLMxAudOFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082c0fdd60c4596c86c46a356d5f7cc9_JaffaCakes118

Files

082c0fdd60c4596c86c46a356d5f7cc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99c23c6f29e9d6166a39aa5bc004841d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileSectionW
SetThreadContext
WriteConsoleOutputCharacterA
LocalLock
PulseEvent
LocalFree
WaitForSingleObject
CallNamedPipeW
SetLocaleInfoA
WriteFile
SetFileApisToOEM

user32

MessageBoxIndirectW
GetClassInfoExW
GetClipboardSequenceNumber
InSendMessage
DrawIcon
GetGuiResources
MapWindowPoints
ShowWindowAsync
MenuWindowProcA

shell32

SHGetDataFromIDListW
StrRChrW
SHGetFolderLocation
InternalExtractIconListA
StrRStrW
Control_RunDLLW

gdi32

FlattenPath
CreateHatchBrush
EngCreateSemaphore
GetStringBitmapW
RestoreDC
EngCopyBits
GdiConvertEnhMetaFile
GdiSetServerAttr
SetPolyFillMode
PATHOBJ_vEnumStart
SetGraphicsMode
EnumObjects

Sections

.text
Size: 12KB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 716KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE