785d356e7ac39fa7fb0c84f9b40414c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

785d356e7ac39fa7fb0c84f9b40414c3_JaffaCakes118
Size

84KB
MD5

785d356e7ac39fa7fb0c84f9b40414c3
SHA1

dcf0fb931584b3b422c943a5f551b2409db64e77
SHA256

416f3d0c3494e7e4b1c9c2986827297d4ed1dc4c8f5444dc6b4d40b7b642d56f
SHA512

391a377c98698a53785035f22d31a28430bb472f2da09b37a7b751fa3bfe9af4bd77b7f6de859ccf9558f954a2886c1ed206ecf205301948442e0c1c1e3b2f5e
SSDEEP

1536:TPEfU8n6+7/TXs0k2MDIQQgOb5v75krOKFAGmaeQe95DNSquOLdbnz/rS9Q:zsU8nN7/TXZKIQOb5vVkqKFRFevcfOLh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
785d356e7ac39fa7fb0c84f9b40414c3_JaffaCakes118

Files

785d356e7ac39fa7fb0c84f9b40414c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

67983f51f9aab5996d32fb8e017b58a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Reaction\Media\Solar\GScamp.exe

Imports

user32

IsCharLowerW
GetForegroundWindow

shlwapi

StrToIntA

gdi32

GetTextFaceA
AddFontResourceA

kernel32

GetProcessHeap

Exports

Exports

��ounderNormal@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalLock@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalPointer@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalSpeed@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalWeight@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalXern@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalityCover@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?NormalityQuan@723GPAUHINSTANCE__@@U_COMMPROP@@.K
?ReactNormal@723GPAUHINSTANCE__@@U_COMMPROP@@.K

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data5
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE