364e3dcf5a10ba0174f0b4856392484d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

364e3dcf5a10ba0174f0b4856392484d_JaffaCakes118
Size

66KB
MD5

364e3dcf5a10ba0174f0b4856392484d
SHA1

eb9c6695e6a6806d0c4b74194834ca92d69cb5b5
SHA256

0b28dd622976e138943cfa0b183813f0e5094a4c05c6572505f72956724f6b4b
SHA512

1b8c975c855f5f9a9f5fc86e7a3e6443431b5ce5373c2b68c086b244c4dd25ed90b8924ee73708c3af2df100fd75b735f36103a90a8880b9d020eb3f5f6bb2a1
SSDEEP

768:MlZNzax2mMBVG4IZTMQKwBEx2+yr48BzvleLKUKStpuKmtA/em28IIIzvsaPpc0c:2Z1axklqr48Bz9iTuKy/m2yKzpXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
364e3dcf5a10ba0174f0b4856392484d_JaffaCakes118

Files

364e3dcf5a10ba0174f0b4856392484d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d653c842e7d8e67a32c492b439bba2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHalftonePalette
GetBrushOrgEx
DeleteDC
GetCurrentPositionEx
CreateFontIndirectA
DeleteObject
GetPixel

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 453B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 335B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ