75a0619c1c72d9cc38831e0d93623cfd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75a0619c1c72d9cc38831e0d93623cfd_JaffaCakes118
Size

128KB
MD5

75a0619c1c72d9cc38831e0d93623cfd
SHA1

4974c192372ce89ab2df576e6c4582d405b0143d
SHA256

edc39d06a449b797372306b4cde43f8af477515e90e0fbd6394b1b2f18b3a362
SHA512

d75ce1957e1d22a4286e3db950dc88892fcbbb79ee156b9c2141678b9bd6cdc639a2f764e416b9b1a44abc8ea9bd666fea04dfc42d8a251db5fc2f9430ff0824
SSDEEP

3072:sPpV9BX7SS1fZI0cKS/c+Jcd/wnE5YaOS1SSqGFtoxdip3sRX:0RR7SS1fZI0/l+cdKT/S1FcY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75a0619c1c72d9cc38831e0d93623cfd_JaffaCakes118

Files

75a0619c1c72d9cc38831e0d93623cfd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a6289663ddd3e91eb57259479c227c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
RaiseException
LoadLibraryA
GetProcAddress
CheckNameLegalDOS8Dot3W

user32

CreateCaret
SetProcessDefaultLayout
ReasonCodeNeedsComment
GetKeyboardLayout
ChildWindowFromPointEx

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ