95516a677bfac074195e1f204acfae3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95516a677bfac074195e1f204acfae3e_JaffaCakes118
Size

160KB
MD5

95516a677bfac074195e1f204acfae3e
SHA1

037b4d66f451adeb093c0393a77e42c487d41407
SHA256

2717a820fc9f546a33db4b28cd99fff61c089aa1e2b2713e5f06d08138f9f0e4
SHA512

a562a2dd6ed73efc0737b2074b2ea64be2616839e1267e512382802be082ec7df530f13ecefc4ce09aba85ea8698b48217402e2f09a22009a1f57953cd83017b
SSDEEP

3072:RzKoEVs392h1Zk52k/oWhQL/2BKpttA0lj5T0VeCThUUOXb6Kx:NqVs392h1ZkPDhQz2st/gIClUUOXX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95516a677bfac074195e1f204acfae3e_JaffaCakes118

Files

95516a677bfac074195e1f204acfae3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7d99d3b19ec5c9fb2c9dff58fd38fe2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RequestDeviceWakeup
VirtualAllocEx
InterlockedExchangeAdd
SetConsoleMode
SetTapePosition
CreateFileMappingW

user32

GetMessageA
SetWindowsHookExW
OemKeyScan
RemoveMenu
ChangeDisplaySettingsW
SetCaretBlinkTime
IsCharAlphaNumericA
ShowWindow

gdi32

LineTo
CreateICA
CreateDIBitmap
RemoveFontResourceW
LineDDA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE