86de42d21cfc23f658148349df3d257a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86de42d21cfc23f658148349df3d257a_JaffaCakes118
Size

156KB
MD5

86de42d21cfc23f658148349df3d257a
SHA1

f95111fe7c9a0842de103e58a2d0b0c521e3e572
SHA256

e5b408bb677c738c7f250e179eed68e050a65b11ad9c412a36f6c81b14e7cbb2
SHA512

01d86923c8ace61aecb249cbc19712aa4efe9951ec3f8e0b7881c88465f3a16219afb0694f4488f1847e9f8120f6f71fdf21ce3aa67e68804aad3b510508a3d6
SSDEEP

3072:e64vnztiL6+DvTHTLxTLEAdyYooU0rpe+tnMhoJvDYL6YA8qMHBtE:mIL6MvDhTihge+dMgvc+ehi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86de42d21cfc23f658148349df3d257a_JaffaCakes118

Files

86de42d21cfc23f658148349df3d257a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c5290e339bb9541f87a6d81e0fed8bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetMessageWaitingIndicator
SetThreadContext
ScrollConsoleScreenBufferA
WaitForSingleObjectEx
CreateTapePartition
OpenFileMappingW
GlobalGetAtomNameA
_lcreat
GetConsoleScreenBufferInfo
GetEnvironmentStrings
GlobalFindAtomW

user32

GetShellWindow
GetMenuItemID
PostThreadMessageA
SetWindowsHookExW
DialogBoxParamA
BeginDeferWindowPos
CreateAcceleratorTableA
GetClipboardViewer

gdi32

CreateRectRgnIndirect
PolyPolygon
SetPixelFormat
GetTextExtentExPointW
SelectPalette
PlayMetaFile
ExtFloodFill

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE