b11ea01513e57f2bccf998f737b8f38f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b11ea01513e57f2bccf998f737b8f38f_JaffaCakes118
Size

244KB
MD5

b11ea01513e57f2bccf998f737b8f38f
SHA1

72ba3b8fb58ce312272d40ca93eee912d75051bf
SHA256

8b456be6449ae18a2f6607ce476b2bbb887f015e9cd27a63480c2bc88e347d83
SHA512

eb90d78b9eb7f032d630afdffce2ca6754a5b559662d944790a382597f98126e80ca2d43c97a8c491c7c05fcb5db7aee13212972fdd6cd0bb26bf6bfd98b5687
SSDEEP

6144:DrEyxcisFAm2ZbUdVraiXurZXErX6/8Qf:DrEyf3edVWiXuNX+X6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b11ea01513e57f2bccf998f737b8f38f_JaffaCakes118

Files

b11ea01513e57f2bccf998f737b8f38f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f67dbeec6fe6cef979dabbba2545b7c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
WriteFileGather
GetShortPathNameW
CompareStringA
SetConsoleCtrlHandler
SetNamedPipeHandleState
SetFileAttributesW
SetEnvironmentVariableA

user32

CopyIcon
SetFocus
SetClassWord
ShowOwnedPopups
DlgDirListA
PrivateExtractIconsA
DdeKeepStringHandle
DdeNameService
DeregisterShellHookWindow
GetClipboardFormatNameW
DdeEnableCallback

gdi32

GetStockObject
GetRgnBox
ExcludeClipRect
SetWorldTransform
GetMetaFileBitsEx

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE