880869449b3b1f0c720c02197cc7957e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

880869449b3b1f0c720c02197cc7957e_JaffaCakes118
Size

176KB
MD5

880869449b3b1f0c720c02197cc7957e
SHA1

acb3921ff52c1f3a822d5698fd18b5b3f3ef8e7d
SHA256

1b29809ca76bb311517c5c46caf7a35699284da9f04f121ebaab133d9ca55531
SHA512

e0ebe5a4eac741d62af71ea41b64b05aad764783b31a5a2fade70a359dac80914fc5d21811c964c04db257f03703ef24e486ef29d1bf610e7268a49b36e6fda9
SSDEEP

3072:1jFacnjGa61/wQQgptKByN3MTYFqwvSXms3NhvKlI/hPdqkc97UdUn/iciqesdyf:/agGacYgp6ydMOJvSXRN4IZ1qZ9QOnYb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
880869449b3b1f0c720c02197cc7957e_JaffaCakes118

Files

880869449b3b1f0c720c02197cc7957e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82d7ffbdd9e3d4eeceddf429338bc132

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessIoCounters
DisconnectNamedPipe
SetFileValidData
ReadConsoleOutputAttribute
GetConsoleTitleA
GetConsoleCursorMode
GetACP
SleepEx
ExitProcess
VirtualAllocEx
CreateFileA
HeapAlloc
GetCommMask
GetOEMCP
GetStartupInfoW
EnumSystemGeoID
GetModuleHandleA
GetCurrentDirectoryA

authz

AuthzOpenObjectAudit

opengl32

wglMakeCurrent

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ