22767363b32ebf8a92448b9118d0eb57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22767363b32ebf8a92448b9118d0eb57_JaffaCakes118
Size

10KB
MD5

22767363b32ebf8a92448b9118d0eb57
SHA1

e4c315571883f4a86e434001884f0b48fc45ea61
SHA256

fa5719c84565758f5e483b7985b0f4e824e78539ce4f5e0949c131c3a4dd7c82
SHA512

595843d46ae2eb4bb858867cb405cfd2a436fca7d4ca7111478b0c1e419635d62cfe19a178aedbd84709b043aa3c1095b9ac64b499a3112b3876d0ef40e2249a
SSDEEP

192:qh9RgBMoF0xj3dQZSHgcd3/uYQtmgqM6/Vl:qyBMoF0ngG3WYQ563

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22767363b32ebf8a92448b9118d0eb57_JaffaCakes118

Files

22767363b32ebf8a92448b9118d0eb57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7323b9a4dbf54ea4d90bde2af1bcc538

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyIcon
GetMonitorInfoW
GetKeyboardLayout
MapVirtualKeyW
GetAltTabInfo
CallNextHookEx

kernel32

GetLastError
VirtualProtect
UnregisterWaitEx
EnumDateFormatsA
OpenConsoleW
LZOpenFileA
OpenEventW

gdi32

CreateBrushIndirect
ExcludeClipRect
GdiGetCodePage
GdiInitializeLanguagePack
SetTextColor

Sections

.text
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE