ad90a74e989ca1b51c904962e288f214_JaffaCakes118 | Triage

Sharing

General

Target

ad90a74e989ca1b51c904962e288f214_JaffaCakes118
Size

191KB
MD5

ad90a74e989ca1b51c904962e288f214
SHA1

227df49ffe1c6839ea1e65cdd7a298b52d36dc00
SHA256

7585b7f9e62b5781ce2a4eee01ab582f7d37f380cb8470c373d503fa2b36b041
SHA512

910b2ce55e9fcc19ea128d62ee2455184a67c8ec583922fae56c87cf8ae56353e17b91c81e9e1adcca51899392d4924c977f615471a2f879937857c1a503edc9
SSDEEP

3072:mDuFTNa+k+Khn/CoFmi0MdHcv8hmL6J73/Fri1MacNeo8:mMTNa+k+Khn/CoFBHckhJvFm1MacN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad90a74e989ca1b51c904962e288f214_JaffaCakes118

Files

ad90a74e989ca1b51c904962e288f214_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb518d3b95b13bfb56db7c773feab88f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessIoCounters

user32

SetUserObjectInformationW
GetAltTabInfo
WinHelpA
DrawStateW

shell32

SHFileOperation
DragQueryFileAorW
ShellExecuteExA
DllUnregisterServer
SHEmptyRecycleBinW

gdi32

EngWideCharToMultiByte
SetMiterLimit
EndPage
GetPixelFormat
GetTextExtentExPointWPri
EngGetPrinterDataFileName
ExtCreateRegion
GdiFlush
GetDeviceCaps
GdiAddGlsRecord
SetMetaFileBitsEx
EngLoadModule
EngFreeModule
EnumFontFamiliesW
StretchBlt
GdiEntry1
EnumFontsA

Sections

.text
Size: 9KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ