875d2bb2f0a266d211e695b17a7e9d6a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

875d2bb2f0a266d211e695b17a7e9d6a_JaffaCakes118
Size

51KB
MD5

875d2bb2f0a266d211e695b17a7e9d6a
SHA1

8fca3a215ba398eb31bb9b7721fdd8413229289c
SHA256

8eb9e68e4389a2110e8381732448c6551540c9158959d42c6f0d3369a641f23c
SHA512

98a3774cf8590f9dfd025d6ba5b31fd86b72f63df655b55f6cca7b432dc1ba4394123f4967018cc3398e9c6868b3840071837251639408ae29f162a00406ffd8
SSDEEP

768:Vo0qeaE6ItpXamHxVWYZHSO62trmfltMBCv1xkgQeDap:VseaqFWm62t0tMBC9xN1Dap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
875d2bb2f0a266d211e695b17a7e9d6a_JaffaCakes118

Files

875d2bb2f0a266d211e695b17a7e9d6a_JaffaCakes118
.exe windows:22522 windows x86 arch:x86

c3101dbe7d4bd6ee5abd2012a4c0f72f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

TextOutW
DeleteDC
CreateCompatibleBitmap
TextOutW

user32

ReleaseDC
GetDC
UpdateLayeredWindow
ReleaseDC
GetSystemMetrics
PostMessageW
GetMessageW
LoadStringW
PostMessageW
LoadStringW

kernel32

GetCurrentThreadId
GetCurrentProcessId
VirtualAlloc
GetCurrentProcessId
LoadLibraryA
GetModuleHandleA
GetModuleHandleA
SetEvent

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ