Static task: static1
Behavioral task: behavioral1
Sample: 2d77a6d4fa2df29b094e290512b087a0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2d77a6d4fa2df29b094e290512b087a0_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2d77a6d4fa2df29b094e290512b087a0_JaffaCakes118
Size: 179KB
MD5: 2d77a6d4fa2df29b094e290512b087a0
SHA1: 0a1dd7596d435cf4a6249348a038c7457f94a678
SHA256: 590afe46bfa375cf000ad323a2744bdb108e3c27faa4b90080df0f64a0d94ab7
SHA512: 5308b467bd8ae5474aea385c5577f00fd899f7640b24c88d8105aabd5addf19ef20493c3e4e55386eb1424b48286ee21b61034693a684b0076d540e0e4f72788
SSDEEP: 3072:XtdJMFeVRmvAKQZsr96CcvqDrrL/EPl6jxOcFcMf4ocnZ5:XJMFeVI4K2sr96hw4P0jxL2jnL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d77a6d4fa2df29b094e290512b087a0_JaffaCakes118
Files
2d77a6d4fa2df29b094e290512b087a0_JaffaCakes118.exe windows:4 windows x86 arch:x86
eb91a13063b45d9f5546ecd50005eebe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenSemaphoreA
user32
TranslateAcceleratorA
OemToCharW
AttachThreadInput
CreateCaret
MessageBoxExA
UserClientDllInitialize
GetLastInputInfo
PeekMessageA
DdeGetLastError
DdeQueryConvInfo
LoadLocalFonts
DdeConnect
gdi32
Rectangle
CreateCompatibleBitmap
GetDeviceCaps
GdiIsPlayMetafileDC
GdiGetLocalFont
GetFontData
GdiCleanCacheDC
GdiEntry16
CreateMetaFileA
SetPaletteEntries
AddFontMemResourceEx
AbortDoc
Sections
CODE Size: 9KB - Virtual size: 794KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 164KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pack32 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ