a370e9bc625d18588307535f399cda6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a370e9bc625d18588307535f399cda6b_JaffaCakes118
Size

61KB
MD5

a370e9bc625d18588307535f399cda6b
SHA1

3e483dc14176e91a0af8dfcf42db527e1e1fa919
SHA256

0bfb8c8cf47919cec50f933fc2a473580470b16fd924d735987a6bd26ba10a70
SHA512

37655d060d7534b9c7d22bb6afc6ffc859df96673c81538ab3353cd9adf058d61c18ea5103b8d75877862fc7001dc662ed50d8904ea299cf5566b4a6a6b894a7
SSDEEP

1536:5eLfSRpjtKwTy9FHv98m7HNPBdRqpvpf1:YLfSRttdyfl8cZdRYxf1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a370e9bc625d18588307535f399cda6b_JaffaCakes118

Files

a370e9bc625d18588307535f399cda6b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c776c67da7288a80f9ee9632dc0ce1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\iwkAg\wkojP\hwup\tVnkz.pdb

Imports

gdi32

GetTextCharsetInfo
WidenPath
SetBrushOrgEx
EnumFontsW
CreateICW
OffsetRgn
MoveToEx
GetROP2

kernel32

GetStdHandle
SetUnhandledExceptionFilter
lstrlenW
GetCommandLineA
lstrcatW
Sleep
DefineDosDeviceW
TlsSetValue
GetSystemDefaultUILanguage
GetHandleInformation
GetUserGeoID
CloseHandle
SetPriorityClass
WaitCommEvent

user32

ToUnicodeEx
OpenDesktopW
LoadBitmapA
CopyRect
EqualRect
wsprintfW
OpenInputDesktop
CheckRadioButton
GetFocus
DrawFocusRect
SetWindowPos
CreateDialogParamW
SetCaretBlinkTime
InvalidateRgn

Exports

Exports

?yfrOfbEjtFfbGiEatNk@@YGMMK@Z
?ilYWQPoHrXuhozVcxSati@@YGFJG@Z
?KevdnSbefedro@@YGHHI@Z
?hccsEzkPhkuJtg@@YGPANE@Z
?dkkxnufyCtbbl@@YGPAE_NJ@Z
?trrufOqkbqZjZpSflqoe@@YGPAMPAG@Z
?lyyLznpueemgzw@@YGFPAK_N@Z

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ