1813904c8c92b8cfef3407cfa2111ab9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1813904c8c92b8cfef3407cfa2111ab9_JaffaCakes118
Size

59KB
MD5

1813904c8c92b8cfef3407cfa2111ab9
SHA1

6f91897b249db81010dce30e9c4902ea72d65fc5
SHA256

a70d71b3a8719696468ae81e781b2cbc6469c9aef0341f8db4f1378131795f00
SHA512

16442608e25768a583f43a25e48b3388f7ab845ed748d34a47754b09612170ba39b899f27ca7f5edcf8751c6df79f84fac500bba8f402d5425149f806ea520aa
SSDEEP

1536:E8qVo3TSUkdzP4bKYoZjzalez4RMVlSHFCoM:Rp3TSUGzP4bKYoVYezOMVlSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1813904c8c92b8cfef3407cfa2111ab9_JaffaCakes118

Files

1813904c8c92b8cfef3407cfa2111ab9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4772df0687b3891569463314151d6267

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

GetClientRect

gdi32

BitBlt

ole32

CoInitialize

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

??2@YAPAXI@Z

Sections

pec1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec3
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 41KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE