6f3f93284b70d2e900c9d3781ca32067_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f3f93284b70d2e900c9d3781ca32067_JaffaCakes118
Size

188KB
MD5

6f3f93284b70d2e900c9d3781ca32067
SHA1

b3503962b9344c7a71c5002b7562a814e3be8cf3
SHA256

74d2f839e03a484f835b95d827701fb91d6ee9d3f421199303078af4f5b3cc26
SHA512

34032ff3ec0a431bd0901735538866a746a37e00c7aac6d7914888242283aa10548add94cd4479f5e5a0dd22d2d7f4e499c5927db88ce1312ebc37463f36b96e
SSDEEP

3072:9Pjp/DdyIGyYaK3NOeRTe9M7I7y+Opn9lOVTGCCUF07F97yxPBoFWmxvAyc4n5ep:p1RpGyYBNZelOEkeFi7yxZw7c4E1yHf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f3f93284b70d2e900c9d3781ca32067_JaffaCakes118

Files

6f3f93284b70d2e900c9d3781ca32067_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0a0e63686891caa96a8971e12a50691

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\pApnq\bdea\OnNbf\vlZdGgeu.pdb

Imports

comctl32

ImageList_ReplaceIcon
CreateToolbarEx
ImageList_Create

kernel32

CreateFileMappingW
SetCommTimeouts
SetCurrentDirectoryA
LoadLibraryW
lstrcmpiW
WriteFile
VerifyVersionInfoW
SetMailslotInfo
GetProcAddress
SetPriorityClass
GetTempFileNameA
FreeLibrary

gdi32

PatBlt
LineTo
GetBitmapBits
GetTextAlign
CreateBitmap
PolyBezier
EnumFontFamiliesExW

user32

GetWindow
LoadBitmapA
DeleteMenu
SetScrollPos
SetForegroundWindow
ScrollWindowEx
GetScrollPos
GetCaretPos
DefDlgProcW
GetWindowLongA
CascadeWindows
SetActiveWindow
EndPaint

Exports

Exports

?NtHyozOijyQewDkNprgpU@@YG_NG@Z
?eccbzUrcn@@YGEJ@Z

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ