5b176e309035ac79370d8c828c70deed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b176e309035ac79370d8c828c70deed_JaffaCakes118
Size

240KB
MD5

5b176e309035ac79370d8c828c70deed
SHA1

bf5df33920248f6906a8a1778ce54690e5f009a0
SHA256

6d9c115daab04fec7124a82cbb36bd196b0377b114d2d6c41df589317a67936a
SHA512

ffa7466919b5d2013f226e6a848070ad1e09860070d1d48a7228df3726e7014b1a627aff3deeed5d3f7429880badf956dd74892a1da436c1364b188e76a93f05
SSDEEP

6144:D5p+roLGg908uFeC4TpbO7rkGomtddnM82qq/YPU4xbQ0:DEoiB4C4t0btvZOLYs47

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b176e309035ac79370d8c828c70deed_JaffaCakes118

Files

5b176e309035ac79370d8c828c70deed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27527f66e34bbf813498d47af7bd5ef0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
OpenSemaphoreW
GetWindowsDirectoryW
GetProfileSectionW
PostQueuedCompletionStatus
GetLogicalDriveStringsW
EraseTape
VirtualProtect
ReadConsoleOutputA
WriteTapemark
DeleteFileW
GetTickCount
CreateFileW
VirtualFreeEx

user32

AppendMenuA
RegisterClassW
CheckMenuItem
DdeConnectList
GetClipCursor
IsCharLowerA
CreateCursor

gdi32

GetICMProfileA
SetEnhMetaFileBits
ArcTo

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 762B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE