6a111fb35ad71ae45b800eb837990fc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a111fb35ad71ae45b800eb837990fc3_JaffaCakes118
Size

182KB
MD5

6a111fb35ad71ae45b800eb837990fc3
SHA1

a936ccdfc5b8c9bb5a0d27d95a68835097cf5182
SHA256

55355a99fb786ba4627ede6d2c3fa94fd3b246912117d8ac4c2b5ebe89ab5850
SHA512

168c917e42ca03c66a22f6bbe34f841d43fab2c6f2df49b45c6108543e34e210461c50e4ca05d314e11b9af557fa2fd8c28a2a91b2125126f1cc0605074cb039
SSDEEP

3072:EsSZCY31OhMEx2eJ92AI8L/a79NSRhw1whCcuVth0wftl9luM/LDUn3Bw2hX0hPF:E6g1Oh1zL2AI8Dc9sRhmwh4t51lruIUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a111fb35ad71ae45b800eb837990fc3_JaffaCakes118

Files

6a111fb35ad71ae45b800eb837990fc3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1942ac5bdb74274802f5e00669c737d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\fBuTWir\acKo\vblxv.pdb

Imports

kernel32

PulseEvent
HeapReAlloc
IsBadReadPtr
lstrcmpiA
LocalFree
GetProcAddress
lstrcmpiW
LocalAlloc
DeleteFileA
GetModuleHandleW
SetFileApisToOEM
lstrlenW

gdi32

GetRgnBox
Escape
CreateHatchBrush
GetDIBColorTable
GetMapMode
GetNearestColor
CreatePolygonRgn
DeleteDC
LineDDA

ntdll

_aullrem

user32

CharUpperW
GetKeyState
ScrollWindowEx
CheckDlgButton
GetScrollPos
AdjustWindowRect
GetTopWindow
GetWindow
TrackPopupMenuEx
LoadIconW
SendMessageW
ClipCursor
CopyImage

Exports

Exports

?mmlbPfUKcpWj@@YGXIPAH@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ