6697e3f579ac76c2fbe3a0522a916746_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6697e3f579ac76c2fbe3a0522a916746_JaffaCakes118
Size

432KB
MD5

6697e3f579ac76c2fbe3a0522a916746
SHA1

df0a50cea481cacf44050a747a88efdc3cefdaa8
SHA256

1e0d3ac2f37446cc140aa7c12578e3db5f796ea788cc57cee060087fbd8c8dc3
SHA512

cbb0ffa1df4863d0b4bf8efd4dfc3f7cb20853cdbcb5879aa567ae6f6daf697f248e9136204d0d5681a9dbec1cb023e72ee7e147ef1b42b7725fb7b5991ec8e8
SSDEEP

12288:cRkdIXNjH0Ok1+DW/+HsNZmCHn8Wjd8KWV:hdan6+HsNszWjd8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6697e3f579ac76c2fbe3a0522a916746_JaffaCakes118

Files

6697e3f579ac76c2fbe3a0522a916746_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0f3a1e8ea848c3f8389b4a484a80c7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExpandEnvironmentStringsW
CreateProcessW
VirtualQuery
SetLastError
WriteFile
RemoveDirectoryW
CreateDirectoryW
ExitProcess
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
CreateFileW
CloseHandle

gdi32

CreateFontA
DeleteObject
GetDeviceCaps
StartFormPage
GetBkColor

user32

IsCharAlphaW
IsCharAlphaNumericW
GetWindowTextLengthW
LoadStringW

setupapi

SetupCloseInfFile
SetupOpenInfFileW
SetupOpenLog
SetupDiGetDriverInfoDetailW
SetupLogErrorW
SetupCloseLog

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ