4c35e26d039d232bf790785768975b5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c35e26d039d232bf790785768975b5c_JaffaCakes118
Size

79KB
MD5

4c35e26d039d232bf790785768975b5c
SHA1

90e6ff55787512d953bc7f68a35290fe63b3563f
SHA256

1becb983b9cac5a1c89dbaa68100af492c88163937a24b34aa591479df607a51
SHA512

3902a5523f023b1a9d4e07b567b4e03f64f9a881da4adffca5343940e02d41d7ae22bc6911e673c0b369e5f1eb521df49c9f74d5b9a8a98a5d4622aed3e055c0
SSDEEP

1536:8dV51QI1xkBYX3+xkQSd/DRCg3ZUfJk8F5n3lFhcYPxPsdE3gh9LUJH6z:8T/QI1xvWSd7RCYiRk8Fx3iYpPs6Qjgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c35e26d039d232bf790785768975b5c_JaffaCakes118

Files

4c35e26d039d232bf790785768975b5c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

47471fc6b207bbdfef6947908e439951

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetPriorityClass
GetProcAddress
GetModuleHandleA
GetCurrentThread
CreateSemaphoreA
GetModuleHandleW
GetVersionExA
GetEnvironmentStrings
VirtualAlloc
GetStdHandle
CreateEventA
GetTickCount
IsDebuggerPresent
CreateMutexA
GetStartupInfoW

user32

AnyPopup
GetWindowTextLengthA
GetDesktopWindow

gdi32

GetTextMetricsA
GetRasterizerCaps
AbortDoc
SetTextAlign
GetTextColor

crypt32

CryptMsgUpdate

setupapi

SetupLogErrorA

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
memcpy
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ