761793b59b97eaec634f091a429d2c2e_JaffaCakes118 | Triage

Sharing

General

Target

761793b59b97eaec634f091a429d2c2e_JaffaCakes118
Size

127KB
MD5

761793b59b97eaec634f091a429d2c2e
SHA1

bd69df9524cf5d11b136599b14d1b53ac18d15f5
SHA256

7418f185c138361c2795f066d912f2a4df49138ced7ceaf9ec6fb9d0c3552274
SHA512

43bdf7f7189e99924830c8cd8c0a190ded903ad4bee30faf97dc968342ddb4d28ed69a5c6c89d35c8a84ef9f1e8cc70b3e6a536681650faf78a1ed4c5474649e
SSDEEP

3072:2EbKgRAHIVOjljPSqVnfzi6+nR7QXQ6nRWxTpgc6oo:2K9CHIVOhTSqVnfWn7QA6nRWxTyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
761793b59b97eaec634f091a429d2c2e_JaffaCakes118

Files

761793b59b97eaec634f091a429d2c2e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae2962b9a06477495a88c01415f3650f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetTickCount
Sleep

user32

SetMenuItemInfoA
RegisterHotKey
IsDialogMessageA
ChangeDisplaySettingsA
AdjustWindowRect
CreateWindowExA
CreateDialogIndirectParamA
GetKeyNameTextA

gdi32

CreatePalette
GetMetaFileA
SelectPalette
SetWindowExtEx
CreateFontW
CreateBitmap
CreateBrushIndirect
AbortDoc

Exports

Exports

PewAqg
PewDjohfs
PewEkns
PewEofspo
PewGmkkzi
PewIgqbzg
PewJd
PewJgl
PewKdv
PewLz
PewNogaq
PewQks
PewQzwvv
PewThmfkv
PewTjxyhb
PewUehlxy
PewVoe
PewXm
PewXsr
PewZkcg

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ