867cffbe1995c4891ba07c2b80b239b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

867cffbe1995c4891ba07c2b80b239b6_JaffaCakes118
Size

65KB
MD5

867cffbe1995c4891ba07c2b80b239b6
SHA1

d7da87f6244e820499ad72ea08426107a9a593c7
SHA256

2e4d6c5186afd0f45bf090ee26d81a4df34857af6e0f139c07ced261243c53e7
SHA512

f7849c724c78a1510bddcda41508e2c489be64f4718f3af2ed455a26c1079110bd6bb2e6845dc2a8693896786dd622873d004eb20d50fa38e7daae7f64b4db8e
SSDEEP

1536:pxtLuz2Zb+eB2O1x3DWH9Y1E13bBDeLNxSiWfPYJjWzOdTh4S86:BLF8x9Y1EdkSjPgjWzOdTh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
867cffbe1995c4891ba07c2b80b239b6_JaffaCakes118

Files

867cffbe1995c4891ba07c2b80b239b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa5834aa544cc65768693b90311265c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
GetDiskFreeSpaceExA
GlobalFree
SetEvent
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualAlloc
GetThreadLocale
DefineDosDeviceA

tapi32

lineSetCallData

user32

GetWindowThreadProcessId
GetWindow
TrackMouseEvent

Exports

Exports

Dbsmorwe
ReadAnqaqrvy

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yxvjrxp
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE