968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118
Size

253KB
MD5

968b8cbee80000a9cbf4980d5fbfc6da
SHA1

f87775df7860e4e7aee37e221661579e4b3da67c
SHA256

a7124f2432a832338db25d7f8387152f830f36c4a26b327375331726ed89a99e
SHA512

1acc486ca9e3ae17c069d693677bdbbf2419354d8148032f974515d41358106f1fc5f4cbc70e8bff29953ce691e2fdcdfeedf73ad31d5f95c37e3782b2c03f01
SSDEEP

6144:end4rq3XxdtoX/gxlMcNUKaHvm3Tn7Bef0X4epd3IvCxUV759O+DUDjV:end/BbWIxlM8ymDd20X4epdYqSOOE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118

Files

968b8cbee80000a9cbf4980d5fbfc6da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6087ceb5acbe66a02e0fa86d1359aba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetLastActivePopup
EnumWindowStationsW
SetForegroundWindow
ShowWindow
GetWindowRect
IsIconic
SetRect
GetClientRect

dciman32

DCIBeginAccess

kernel32

GetProcessHeap
GetModuleHandleA
SetStdHandle
GetLastError
ExitProcess
FreeLibrary
CloseHandle
CompareStringW
ExitProcess
LoadLibraryA

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bore
Size: 5KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ