885bd15a8a72d4feca5bf5c547d7b3c5_JaffaCakes118 | Triage

Sharing

General

Target

885bd15a8a72d4feca5bf5c547d7b3c5_JaffaCakes118
Size

54KB
MD5

885bd15a8a72d4feca5bf5c547d7b3c5
SHA1

191c94237c86a5533530169102d307f37e2c5207
SHA256

cf5b61b72c540449bbcb86a6dcae62e369fce1d5311c8a5ad5744002602de946
SHA512

bfb2bc0662637ef9c6090accecaba27176de28117a7765b6e51743f803931533a8e05a8850713e9e6dc6a4a3c53940c55385547d4adf323fadfb57fd2abb2f62
SSDEEP

768:tCb4wGujOMBlUn8T8tLBs5tc6Eq2mMLjHx4giZOmR/2YSl/S5USU1U0TYi7TdCX+:44yBlUn8AeaFRZmReY0SqZeqYiym4Yn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
885bd15a8a72d4feca5bf5c547d7b3c5_JaffaCakes118

Files

885bd15a8a72d4feca5bf5c547d7b3c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

298d1f989fc8c09fe52692a99e08902e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\umcRoBuwp\wZdkmNxKpT\phhHjnXkc\OeRvcRgLE.pdb

Imports

user32

SetRectEmpty
wsprintfA
TranslateAcceleratorW
UnionRect
TileWindows
SetDlgItemTextA
AdjustWindowRectEx
LoadMenuW
GetMessageA
CreateCaret
IsDlgButtonChecked
DragObject
PeekMessageA
CreateIconFromResource
DispatchMessageA

kernel32

CreateFileA
CreateThread
WaitForSingleObjectEx
FindResourceW
EnumResourceNamesA
TransactNamedPipe

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
floor
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

shlwapi

StrFormatByteSize64A
StrRChrW

gdi32

SetRectRgn
GetCharWidth32W
GetObjectA
CreateFontIndirectW
OffsetViewportOrgEx
GetSystemPaletteUse

Exports

Exports

?GeometryTranslate@@YGHPADK|U

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE