9fdfc1969553faa4e9ca89703dbdfffc_JaffaCakes118 | Triage

Sharing

General

Target

9fdfc1969553faa4e9ca89703dbdfffc_JaffaCakes118
Size

145KB
MD5

9fdfc1969553faa4e9ca89703dbdfffc
SHA1

4eedafa3cdde1ad7fb86b1c65fe6c3731766e67c
SHA256

a2d242fe4d90fca605f176e8376a9111ce0e90684cbf49fafea4065ac98e2ad2
SHA512

d5bfde1bc71f61f10ba46fe664c9e616359124989af6611876820a9ab83cf41f20527026fc59155075894cfbc576b1eebe4e9734361786cba46598e1610ad824
SSDEEP

3072:ITFpY/L9fGGR5eULvXt3CgsOpoOHD8fsJrYAW9p:ITFe/LTRMkXt3lDObfiWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fdfc1969553faa4e9ca89703dbdfffc_JaffaCakes118

Files

9fdfc1969553faa4e9ca89703dbdfffc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6e353fc4f5a441da7915159e5c144025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

QueueUserWorkItem
MulDiv
SetCurrentDirectoryA
ExitProcess
VerifyVersionInfoA
OpenEventA
GetDllDirectoryA
GetEnvironmentVariableA
VirtualAllocEx
CloseHandle
WriteProfileStringA
MultiByteToWideChar
GetConsoleCursorMode
EnumSystemLocalesA
GetFileTime
GetVersion
FindVolumeClose
WriteConsoleInputA
SetConsoleTitleA
GetProcessId
GetCommTimeouts
CreateMutexA
MulDiv

winspool.drv

EnumPortsA

user32

ModifyMenuA
GetMenuDefaultItem
FindWindowExW
GetCaretBlinkTime
RegisterShellHookWindow
CallWindowProcA
DefWindowProcA
GetScrollBarInfo
FindWindowExA
GetWindowTextA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 95KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ