93b6be563db3f976b2f3ac7a587698ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93b6be563db3f976b2f3ac7a587698ca_JaffaCakes118
Size

115KB
MD5

93b6be563db3f976b2f3ac7a587698ca
SHA1

f0142d38234ae29d4eba7499202000be77475346
SHA256

494d3e74e3c6007b96e9254023b6335601f95725a5b9ad3a33250d27e70e714f
SHA512

e972b7b306cd78caab0cdbf28ae37b522f5613d6ac3609a312752643ec4ffb06c97979629c284db937765aef0938fc6d9231ace94d43111158ec4b79bb3d9f33
SSDEEP

3072:BnuWB0CjQfqpdVY/+GjpojkzdI4MfkkzrecV9gmZ9:xf0CcQvY2opo4qzfkAVWmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93b6be563db3f976b2f3ac7a587698ca_JaffaCakes118

Files

93b6be563db3f976b2f3ac7a587698ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04057f5832da5231ccaa11abfea0116b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserWorkItem
PrepareTape
GetModuleHandleW

ntdll

RtlAnsiCharToUnicodeChar
RtlAcquireResourceShared
RtlRestoreLastWin32Error
RtlTimeFieldsToTime

user32

SetMenuDefaultItem
LoadBitmapW
BroadcastSystemMessageExW

ole32

CoMarshalInterface

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
QueryRecoveryAgentsOnEncryptedFile

gdi32

GetBkMode
GetPixel
EqualRgn
EnumObjects
Ellipse
FillPath
GetClipRgn
GetTextColor
GdiTransparentBlt
SetWorldTransform
SetTextAlign
SetPolyFillMode
SetPixelV
SetGraphicsMode
SetBkMode
SetBitmapBits
SelectClipPath
PaintRgn
GetSystemPaletteUse
CreateScalableFontResourceA
Arc
RestoreDC

msimg32

AlphaBlend

dinput

DirectInputCreateW

shlwapi

SHRegCreateUSKeyA

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE