a0465bf4f27b8c4f5604af50926dcc89_JaffaCakes118 | Triage

Sharing

General

Target

a0465bf4f27b8c4f5604af50926dcc89_JaffaCakes118
Size

97KB
MD5

a0465bf4f27b8c4f5604af50926dcc89
SHA1

795cfc702138cc9e0a5c78d8cd75d9791bf06748
SHA256

2a7777f7596e26c222440ccc449733dd188ba4d3acaf2cb7b89d9de37ebe7120
SHA512

b66bfba3787f9815bd055ed933c2f99d8529434c2f1248a9001390cfbe98926494bf097e68496cb266b8e5de113238eb4ca21b720ee73159a07396043f8ff9b1
SSDEEP

3072:MQFFeza/Yn1SIrFiwTQt3/6Zz/ZuKWDzfu:MQFFo1SI5iwTQt3/acKWD6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0465bf4f27b8c4f5604af50926dcc89_JaffaCakes118

Files

a0465bf4f27b8c4f5604af50926dcc89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e40074ed5ffd246de9e5e56a822162f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA

ntdll

RtlExtendedLargeIntegerDivide
PfxInitialize

user32

ReleaseDC

advapi32

QueryAllTracesA

gdi32

StrokePath
SetRectRgn
SetArcDirection
SaveDC
WidenPath
GetGraphicsMode
GetCurrentObject
FrameRgn
ExtSelectClipRgn
EqualRgn
DeleteDC
PatBlt
CancelDC
CreateCompatibleBitmap
CreateDIBPatternBrushPt
CreateDiscardableBitmap
CreateHatchBrush

rasapi32

RasGetConnectionStatistics

shlwapi

PathCommonPrefixW

dinput

DirectInputCreateA

Exports

Exports

MsUQLTPhgsfHfuxiRzrIoS
TVT8mxNUoL8wgv
VaybEvt8TL
bHcASzXX

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE