409e69b822a3d72a27d3437291921a9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

409e69b822a3d72a27d3437291921a9e_JaffaCakes118
Size

38KB
MD5

409e69b822a3d72a27d3437291921a9e
SHA1

821399344bdafd34a9a66fa9707f39fbe55c78a0
SHA256

9fcdf4cd23a64fd3c6e3cb603e15e636d9959483a56c89757f16dd0f23b3c59d
SHA512

1764fad5cfcbe8e92fd558d4e819cf6ba5e18686ca0b6a67c1022e619ece5e84fad95598598fefe9f1c2b1d7c9b8382c14255f5d1d277d1fc53eb64468ee44a9
SSDEEP

768:VTL4fC7GC4JxrC4eMOrSAdH4mhlqlnjk9+kHU7WX00F6+C:VTLokGzvC2U1Hflqljk9+kHk90F6+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409e69b822a3d72a27d3437291921a9e_JaffaCakes118

Files

409e69b822a3d72a27d3437291921a9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e59998dd9e0ae7abf7dd285b16d58cb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
CreateIcon

kernel32

VirtualProtect
TerminateProcess
GetLastError
CloseConsoleHandle
WriteProcessMemory

gdi32

EnumICMProfilesA
StretchDIBits
GetEnhMetaFileBits
GetCharABCWidthsFloatW
FrameRgn

comdlg32

GetFileTitleW
GetOpenFileNameW
ReplaceTextA

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE