Static task: static1
Behavioral task: behavioral1
Sample: 70c852d61882723c50d94792d20a749d_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 70c852d61882723c50d94792d20a749d_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 70c852d61882723c50d94792d20a749d_JaffaCakes118
Size: 26KB
MD5: 70c852d61882723c50d94792d20a749d
SHA1: 283c5495f4f128b207c9a9229ff1b9c0cd2144d1
SHA256: 28b99cae3fb221a7b12bf4265fc64b1f582ae0f8bc17e348c0c27a9f7456f824
SHA512: cca45a8fc9f015d674f0af5c9f3059f4bab195107e3aa01b7e40593f232c1153f1478cab9a3196f5b52f8e9dbf91f6aed1bf6cc6f9a142683df4e753bee461e5
SSDEEP: 384:xp6n/33lZmNP6wxuTpnqS/C4ucnqQOjn1O8cNC8uou+zF3kfRjKLRLM:OeNCwxAVqQynujk+wf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70c852d61882723c50d94792d20a749d_JaffaCakes118
Files
70c852d61882723c50d94792d20a749d_JaffaCakes118.exe windows:4 windows x86 arch:x86
1873f6f9a20c1e37e19a501d568ae086
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileIntW
BaseCleanupAppcompatCacheSupport
GetVolumePathNameW
FillConsoleOutputAttribute
GetEnvironmentVariableW
TermsrvAppInstallMode
SetConsoleCursor
EnumDateFormatsExA
SetThreadPriorityBoost
AddConsoleAliasA
GetSystemDefaultLCID
user32
SetUserObjectSecurity
WaitForInputIdle
CreateWindowStationW
UnpackDDElParam
DdeAccessData
GetKeyState
GetClassWord
SetWindowContextHelpId
WaitForInputIdle
GetUserObjectSecurity
ChildWindowFromPoint
VkKeyScanExA
CloseWindowStation
SetProgmanWindow
Sections
.text Size: 23KB - Virtual size: 28KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 327B - Virtual size: 327B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ