Static task
static1
Behavioral task
behavioral1
Sample
6920d16f5c6ea16cba47435cf975efd5_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6920d16f5c6ea16cba47435cf975efd5_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
6920d16f5c6ea16cba47435cf975efd5_JaffaCakes118
Size
259KB
MD5
6920d16f5c6ea16cba47435cf975efd5
SHA1
30ee168569687e735f0bd5916a8be62e7ccdc386
SHA256
b984baf76ce3b3ca3c0a6b8ce7136621548b2aa0f215437c654514ce1ec26e30
SHA512
fd86c0649df32bed25ba44c42d5092606d6b0166a50c3165da5a7253d2102fbbb235756ae28f7715f753c06ea2f259b35e7b533874dbfe6b044287f391a50d42
SSDEEP
6144:Q7VnZLYZaxm8e0ZismOWAgVJMUjDgREcd7T24:IVZLY8I8eerP1fUl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6920d16f5c6ea16cba47435cf975efd5_JaffaCakes118
Files
6920d16f5c6ea16cba47435cf975efd5_JaffaCakes118.exe windows:4 windows x86 arch:x86
5bc39efae3e00838bc37885bc65d1794
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
GetUserDefaultLangID
GetDriveTypeA
GetModuleHandleA
GetCurrentProcess
DeleteFileW
GetCurrentThread
GetModuleHandleW
GetConsoleOutputCP
VirtualAlloc
gdi32
ExcludeClipRect
SetMapMode
SetWindowExtEx
OffsetViewportOrgEx
RestoreDC
SetColorSpace
MoveToEx
GetDIBColorTable
GetDCOrgEx
SetBkMode
BeginPath
LineTo
UnrealizeObject
SetViewportOrgEx
EndDoc
GetStockObject
SetBrushOrgEx
EndPath
user32
GetMessagePos
CharNextA
GetDesktopWindow
GetInputState
comctl32
InitCommonControls
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 991B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ