77cb53f692b93a30ea169a606e3f2c86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77cb53f692b93a30ea169a606e3f2c86_JaffaCakes118
Size

808KB
MD5

77cb53f692b93a30ea169a606e3f2c86
SHA1

4841cc73ad3033b1d412c8488ac4e505bb6f9843
SHA256

b88fe4d039eb839e61c68ce8abe82a04d278c2471edd90fcee852e9cfe3ae4f3
SHA512

71caeaede64c29ec8159239c68b4fe9dfe1d7589873803d06c7545278c125e7e94696d08314fca4b6e38a8b93697d264bb6303f1b8e749810e6304e790196434
SSDEEP

24576:7xewLgY5dxL33wdybNS41jWJq4EnPYu8/SN:7pLdPRAdyBbjUqtPYh/S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77cb53f692b93a30ea169a606e3f2c86_JaffaCakes118

Files

77cb53f692b93a30ea169a606e3f2c86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3498d8a6258d3c1b40ad990bdc9430e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PrivMoveFileIdentityW
GetEnvironmentStringsW
LockFile
FormatMessageW
IsBadReadPtr
ClearCommBreak
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

DdeNameService
SendDlgItemMessageA
CharUpperBuffW
GetGuiResources
OemToCharW
SendMessageTimeoutW
ChangeDisplaySettingsExA
OemToCharBuffW
UserClientDllInitialize
OpenWindowStationW
SetFocus
DdeQueryStringW
PostMessageW
SetWindowTextA
InternalGetWindowText
InvalidateRgn
ResolveDesktopForWOW

gdi32

GetROP2
GdiIsPlayMetafileDC
GetLayout
AddFontResourceA
GdiInitSpool
EnumFontsA
SetICMProfileW
EngCopyBits
CreateDIBPatternBrushPt
GetPaletteEntries
EngMultiByteToUnicodeN
AddFontResourceExA
XFORMOBJ_bApplyXform
GetTextExtentExPointA
GetTextExtentExPointI

Sections

.text
Size: 8KB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 716KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE