468d501dee1d0cad7edae532284574f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

468d501dee1d0cad7edae532284574f4_JaffaCakes118
Size

1.5MB
MD5

468d501dee1d0cad7edae532284574f4
SHA1

69b66a52351962225610c7b3dd2b2e65391f67d5
SHA256

6859cf42ea4e8c42fb1f44e67995f814df76617f948f3997dc42c792fd1f49eb
SHA512

233e9956cdd0195d8910516f06cef273cd65ff49d78de8e0dda5f5c7ae0c521de38984a113fb3afb28f7cd799420c3aee94e9041bdc6a42efd7d70c7c0ac774a
SSDEEP

49152:1aCBD2XG8e7iU68XgYFDT07AgHLHD/TtJx:1aHX/+w2DToHL9Jx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
468d501dee1d0cad7edae532284574f4_JaffaCakes118

Files

468d501dee1d0cad7edae532284574f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fa1577014a29e528ea8859470f693e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
MoveFileExA
GetConsoleNlsMode
GetTimeFormatA

user32

DdeAddData
LoadCursorFromFileW
WCSToMBEx
LoadStringW
EnumPropsW
DdeQueryConvInfo
UserRegisterWowHandlers
BroadcastSystemMessageA
LoadMenuIndirectA
GetClassInfoExA
DeleteMenu

gdi32

bMakePathNameW
CreateDCW
TextOutW
PolyBezier
GetStringBitmapW
RealizePalette
GetFontLanguageInfo
SaveDC
CreateRectRgn
CreateDCA
IsValidEnhMetaRecordOffExt
EngStretchBltROP
RemoveFontResourceW
PolyPolyline
GdiGetSpoolFileHandle
GetColorSpace
AddFontResourceExW

Sections

.code
Size: 9KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE