6f36f32610fb2e6b134cae32956f65e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f36f32610fb2e6b134cae32956f65e9_JaffaCakes118
Size

174KB
MD5

6f36f32610fb2e6b134cae32956f65e9
SHA1

fd40049f2364410bd16b943a261a1d4ead83f6c4
SHA256

1ccf3a43b5469b02451db5157db615fca9214915263415906efc0596fa66cd22
SHA512

a7684534205e309a83e66976132e5889cca0a6c57847bf2e886df49af5c97bd669710e4686cae85e353827440715be4d93724def0eb9c57025bb7ae8e535543b
SSDEEP

3072:hOTZxxVjn08f5zBj2XzuCzSd14NAdI/2wJE1ynlgTE94j/pil/NQJh8R/f:hOT7xVV5IuC+17AS1K9vl/mPk/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f36f32610fb2e6b134cae32956f65e9_JaffaCakes118

Files

6f36f32610fb2e6b134cae32956f65e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

672b4738758937d05dffc779f29719f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ExcludeUpdateRgn
GetWindowInfo
InvalidateRgn
ValidateRect
ReleaseCapture
GetCapture
ValidateRgn
GetUpdateRgn

kernel32

FreeLibrary
FileTimeToLocalFileTime
GetNextVDMCommand
CompareStringA
SetEnvironmentVariableW
LocalFileTimeToFileTime
SetThreadPriority
GetShortPathNameW
FindResourceW
SetCurrentDirectoryW
EnumResourceNamesW
FindNextFileW
FindFirstFileW
SystemTimeToFileTime
GetLocalTime
GetStringTypeW
RegisterWaitForSingleObject
SetErrorMode
LoadResource
FileTimeToSystemTime
FindClose
SearchPathW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ