3063c12ed5976892e2e7cb6d8a4adc12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3063c12ed5976892e2e7cb6d8a4adc12_JaffaCakes118
Size

420KB
MD5

3063c12ed5976892e2e7cb6d8a4adc12
SHA1

ec7012a1f88f603b912af784842fb2939e79cb56
SHA256

e8ba48313ced26f9a1fd8391dd406fdf936b118f1b9817579c1569101037bb39
SHA512

61ae1bf3aa222cf5b50de0bb811910b1b8ec7b7ec6685175a6cf3a4cc30bfa18e472d04c3071f97c62657e82e9379dffc3ddae947c6823df31f42aacac122d6d
SSDEEP

12288:lt3Z4P84maI3bjhEPBU3lqspe3Z9CxZkTZ8ST:v3a4aW9B/k3LC0m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3063c12ed5976892e2e7cb6d8a4adc12_JaffaCakes118

Files

3063c12ed5976892e2e7cb6d8a4adc12_JaffaCakes118
.exe .ps1 windows:22253 windows x86 arch:x86 polyglot

e68bd70dff5bd21a8b259b6e885defec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
SetTextColor
BitBlt
DeleteObject
SelectObject
SetBkColor
GetStockObject
SetTextColor
MoveToEx
CreateCompatibleBitmap

user32

ReleaseDC
GetSystemMetrics
ShowWindow
PostMessageW
LoadStringW
PostMessageW
GetSystemMetrics
GetWindowRect
LoadStringW
SendMessageW
ReleaseDC
GetDC
SetTimer

kernel32

SetUnhandledExceptionFilter
FreeLibrary
VirtualAlloc
GetACP
LoadLibraryA
GetCurrentProcess
GetCurrentProcess
GetModuleFileNameA
LocalFree
GetModuleHandleW
GetModuleHandleA
GetCommandLineW
ExitProcess
VirtualFree

advapi32

RegQueryInfoKeyW
GetTokenInformation
AdjustTokenPrivileges
RegSetValueExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 391KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ