4b0813d30c7b8d48480f3d91f83cbd21_JaffaCakes118 | Triage

Sharing

General

Target

4b0813d30c7b8d48480f3d91f83cbd21_JaffaCakes118
Size

176KB
MD5

4b0813d30c7b8d48480f3d91f83cbd21
SHA1

ed61b6cb8a5aa8e8c8d7fdaf1a57541dcb70b3ea
SHA256

df1f2e7405d67dbf283e1177b110304cf9cefe7ee192b523486d17244a3bf01e
SHA512

e73bb4a2b3ed6186ab1e1cbbf95608b4a69950212fbcb5188de7461b8c1f56fdc66a0101545b5e75d1b9ef2950b23411b69d5cf10248d58694ef3d5cc4b10cca
SSDEEP

3072:so02lgyv8WRTrdL2TRZ7YGEGigPRjTGY4EgYKVTsd/Htb3+I19hAbqbiZq1F:soxlX0EgTsnGigPhSY4EjATs33F1/YqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0813d30c7b8d48480f3d91f83cbd21_JaffaCakes118

Files

4b0813d30c7b8d48480f3d91f83cbd21_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b5a45b4c0d9c6989f88d9712f0b4ce9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\TqrWttCOmEvQ\kyjivri\iulpcqpjzduxft\ypoXRphgdFYcIK\evXmlzv.pdb

Imports

user32

SetWindowPlacement
CreateCaret
EqualRect
RegisterWindowMessageW
DrawFocusRect
RegisterHotKey
ChildWindowFromPoint
AppendMenuW
LoadBitmapA
IntersectRect
GetCursorPos
EnableMenuItem
IsCharAlphaW
DrawStateA
InvertRect
wsprintfA

kernel32

GetModuleHandleA
TlsGetValue
GetFileAttributesExW
GetComputerNameA
SetFileAttributesW
LoadLibraryExW
MulDiv
GetShortPathNameW

shlwapi

StrRChrA

gdi32

EndPage
SetDIBits
StartPage
SetViewportOrgEx
SetBitmapDimensionEx
GetNearestPaletteIndex

msvcrt

strncpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
wcscat
_exit
_cexit
__setusermatherr
__getmainargs
iswprint

Exports

Exports

?FutureProspect@@YGHPADK|U

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE