167e85b1f4415e66139b917203bcbb27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

167e85b1f4415e66139b917203bcbb27_JaffaCakes118
Size

864KB
MD5

167e85b1f4415e66139b917203bcbb27
SHA1

8c3d24a1dc02e496417fa19175c65a578e35f09f
SHA256

08fa2db563f8d640794c8c6ae29429f24b99c0f73fe39b3fb3534c74f518a2f3
SHA512

197481a8a925812ef9f2d4818f29ca674f93a36f47c62ce9a48595b1c57a2b39e8bc8b8eda00166d05f108c6634cf0981203c0f4a324a4ba3159886a895e8e64
SSDEEP

24576:dyaaxKJbjgTEhhTpZAXM5b09NTGHRY+S:wa3oTEX9KBmxY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
167e85b1f4415e66139b917203bcbb27_JaffaCakes118

Files

167e85b1f4415e66139b917203bcbb27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00a08b4bdf4042f6bea9646bc50c2609

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegOpenKeyExA

dinput8

DirectInput8Create

gdi32

EnumFontFamiliesA

imm32

ImmIsIME

oleaut32

SafeArrayCreate

shell32

ShellExecuteA

user32

ChangeDisplaySettingsA

winmm

timeGetTime

wsock32

inet_addr

d3d8

Direct3DCreate8

mss32

_AIL_shutdown@0

ole32

CoInitialize

Sections

.text
Size: 852KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE