6f29b0cb7c7498b5be86f1e22cfe8b70_JaffaCakes118 | Triage

Sharing

General

Target

6f29b0cb7c7498b5be86f1e22cfe8b70_JaffaCakes118
Size

147KB
MD5

6f29b0cb7c7498b5be86f1e22cfe8b70
SHA1

9c61b92a326364663967f6f4c35b88e7e9b06100
SHA256

5b98b8972e9606e028cde7085ae55120e193234dd1940aea5628b23656cc969a
SHA512

5f57fa3f39714e5148449781b9bcae92b9309d849331102fe8a0adb1c0db87f743ff3c61e45e093613d138a48600698980575dbf7d91b1ec4994d1ec07011762
SSDEEP

3072:j+I7kMzPnxWd/acRCmo21n3R5RxyKurg3HVL9WFrD:RYMzPAc6uCnhxAg3Hd9WtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f29b0cb7c7498b5be86f1e22cfe8b70_JaffaCakes118

Files

6f29b0cb7c7498b5be86f1e22cfe8b70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2aa84b8b5dc8387edc78c2a13f3b292

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\xhdlEgj\jegbp\ioVJdeeg.pdb

Imports

shlwapi

PathGetArgsW
StrCatBuffW

user32

GetWindowRect
wsprintfW
SetScrollPos
GetMessageTime
LoadIconA
GetMenuInfo
CheckDlgButton
UpdateWindow
OpenDesktopW
MessageBoxW
GetMenu
FillRect
GetScrollPos
FindWindowW

gdi32

GetDeviceCaps
StartDocW
SelectObject
GetBitmapBits
GetTextFaceW
LPtoDP
DeleteDC
CreatePalette

kernel32

DisconnectNamedPipe
SetCurrentDirectoryW
SetCurrentDirectoryA
FindResourceExA
GetVersionExW
GetNumberFormatA
lstrcpynA
GetThreadPriority
GlobalDeleteAtom
lstrlenW
FormatMessageW
CreateFileA
FindFirstFileA
DeleteFileW

Exports

Exports

?bPjgafe@@YGPAFED@Z
?piQqLvijFjmvFvLUWMk@@YGFPAJ@Z
?yoIxmlfinLl@@YGGH@Z
?fQBmtzlZfcGvbsAiti@@YGGHG@Z
?akgcaxzZybCanbrsfozIJ@@YG_NPA_N@Z
?xUdhDesxrlFzrtJbJ@@YGEDE@Z
?xxjRzqYS@@YGXK@Z

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ