41ee1ad2d77e7f94d87640b21eeb676d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41ee1ad2d77e7f94d87640b21eeb676d_JaffaCakes118
Size

6KB
MD5

41ee1ad2d77e7f94d87640b21eeb676d
SHA1

2c7dc2cc23d342ba9361967d1701ad8693c85856
SHA256

571662a1c3cc6749c18fc48011cc0e1663392753125d74d1d64b010c29d0cedb
SHA512

b803c6b9d64be4627aa2516991d89589d1d5613f957c09b79f86bc0d485b45cb1441bd2583db04e73da502b73225d607ded787f1d49f74bec7bfcad904aa1a6f
SSDEEP

96:DEJVtTnULUkwqKSZpCEl8DDrcja/rgmFsB2jb7+1uu3qZG:gJVtDULUkAO4E6vrXgEsKHu3uG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41ee1ad2d77e7f94d87640b21eeb676d_JaffaCakes118

Files

41ee1ad2d77e7f94d87640b21eeb676d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fce107f6860545527ce9825bf8b0262f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetConsoleKeyboardLayoutNameW
OpenFileMappingW
OpenWaitableTimerA
GetCommandLineW
EnumResourceTypesA
LCMapStringA
ReadConsoleInputExA

user32

DlgDirSelectExA
DrawTextExW
GetKeyboardLayoutNameA
EnumDesktopsW
DlgDirSelectExA
GetClipboardFormatNameW
ChangeDisplaySettingsW
DialogBoxIndirectParamW

gdi32

CopyEnhMetaFileW
EnumICMProfilesW
RemoveFontResourceW
CopyMetaFileW
CreateICA
GetGlyphIndicesA
EnumICMProfilesW
TextOutA

Sections

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 807B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ