86f6a5cd3ef43e870fa2ad48a3fad878_JaffaCakes118 | Triage

Sharing

General

Target

86f6a5cd3ef43e870fa2ad48a3fad878_JaffaCakes118
Size

71KB
MD5

86f6a5cd3ef43e870fa2ad48a3fad878
SHA1

75ef03deb9d49859a108a2878e58a3fa8a0d127b
SHA256

d7e557bfe5f0848781823724aeadc963debf6362bc34a83adad8bed89cdc841c
SHA512

b52c66b928200d3e6e5ab7549c882d06d43630057002b4e8e369a7f4a2f10b343e00308e4e4d71f7d43645ef5fc387ab797a86e63e36418e10f464c2c893ad33
SSDEEP

1536:zfZuacUNQdAoDULIoMI8lhF4aHLsqS1afc4qzC7bSQEVSJno1n:zfga2LJFZ1HoefTKQy2o1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86f6a5cd3ef43e870fa2ad48a3fad878_JaffaCakes118

Files

86f6a5cd3ef43e870fa2ad48a3fad878_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62a15b574729801214ea1f52cc94d28e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWriteWatch
GetThreadIOPendingFlag
SetConsoleMenuClose
ClearCommBreak
GetEnvironmentVariableA
VirtualAlloc
UpdateResourceA
HeapQueryInformation
GetFileAttributesExA
VirtualQueryEx
WriteConsoleOutputCharacterW
GetNumberOfConsoleInputEvents
GetExitCodeThread
GetLastError

user32

OpenDesktopA
MessageBeep
RealGetWindowClass
TranslateAccelerator
IsCharUpperA
OpenInputDesktop
DlgDirSelectExA
CallMsgFilter
SetMessageExtraInfo
IsZoomed
PostThreadMessageW
GetDoubleClickTime
GetSysColorBrush
DialogBoxParamA

Exports

Exports

Goxbqddmk
Dopckxhf
Swgijtci
Uhbniydp
Dhpnixciqg
Oixtryca
OpenMsiovpddhks
Frowuap
SetEggptdakjkh
AddUrbylyklsv
IsVdigjxba
EndBgjspniabch
Xmgdjrvffoa
Knjgbula
Qakalkpeh
Nnqdoxepova
Cfpvtoj
Vstkoiu
CloseDtkkpdmhvf
Cjvaywlodb

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ