a883f0a989370c5600dcaf3747794a80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a883f0a989370c5600dcaf3747794a80_JaffaCakes118
Size

111KB
MD5

a883f0a989370c5600dcaf3747794a80
SHA1

f23a7eff6d9cd830516f74573bfc3bcc469811bb
SHA256

1b7cbc213d30ef5b9eb46294341bb8b1831a3a9703a3f1c6aeef5f091c14ccb2
SHA512

53eceb5017ed47f3af2b4fb1c00f5028ec0db48b5a38b13c0bb052b7993a3b81e58041f80e7d5a94774749cf2bb2a65ac86f00cd663404d3ada94ddd8e4c3b78
SSDEEP

3072:W8tzwzBn90MBwwDLsWMpfvq1mJYlXkFapFaaL1Ufr:da9nSwnqtamJGXVFa21UT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a883f0a989370c5600dcaf3747794a80_JaffaCakes118

Files

a883f0a989370c5600dcaf3747794a80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97c1770361601ced061f0fcd8b2d5982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchBlt
SetICMMode
SetRelAbs
ResetDCW
SetDIBColorTable
UpdateColors
SaveDC
TextOutW

shell32

StrRStrIW
SHAppBarMessage

kernel32

ExitProcess
TerminateProcess

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE