664141c2744c8abf397e4af29a407f86_JaffaCakes118 | Triage

Sharing

General

Target

664141c2744c8abf397e4af29a407f86_JaffaCakes118
Size

825KB
MD5

664141c2744c8abf397e4af29a407f86
SHA1

8bbb994ed7c0731b0ec15d4a48b92916bb892a29
SHA256

1dd1a3acac3cd85e1044029a930bf2cb743f92e8801c0caafc310432553dc5d4
SHA512

025098c1ca528fe30c3f80eb82656e56d802535c9f92d99e0009311fdb6c4fa6ffa46bca4c566f2561e05756028e8f34a56ff9227124273dc44655e690a443b9
SSDEEP

12288:cw6CMmjYMiI5ZP1kSbbHYgGgiHiWTHaZY6MRNZH32O2Y/OtOnonDXLh+y3hy:x6C9pPiSbMDNTL9Ze+K7My3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664141c2744c8abf397e4af29a407f86_JaffaCakes118

Files

664141c2744c8abf397e4af29a407f86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d82352923126e6d44907a12e52fc84b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_initterm
_wtoi
asin
_wcsicmp
_ultow
_stricmp
memset
memcpy
_vsnwprintf

kernel32

GetUserDefaultLCID
LeaveCriticalSection
EnterCriticalSection
VerLanguageNameA
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW

ddraw

DirectDrawCreateEx
DirectDrawCreate

Sections

.text
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ