aff76b5fa0dc559cc3353fa328045f15_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aff76b5fa0dc559cc3353fa328045f15_JaffaCakes118
Size

180KB
MD5

aff76b5fa0dc559cc3353fa328045f15
SHA1

20009d73b7a80de6dc31e6b56a1329e5dc4f850d
SHA256

655479d2f43d715dbaf49f16eb572d893d3705a2c2e6fd0d17599f66aa904a74
SHA512

98c34bdafe36efc4e13f5164846751853c47a9e3bef03631cccf73d371f8e3a18bb0cb0604c818cc68628ecde427b0686c3872b040b776b52341917cfb1e8f74
SSDEEP

3072:Wo02lgyv8WRTrdL2TRZ7YGEGigPRjTGY4EgYKVTsd/Htb3+I19hAbqbiZq1F:WoxlX0EgTsnGigPhSY4EjATs33F1/YqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff76b5fa0dc559cc3353fa328045f15_JaffaCakes118

Files

aff76b5fa0dc559cc3353fa328045f15_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b5a45b4c0d9c6989f88d9712f0b4ce9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\TqrWttCOmEvQ\kyjivri\iulpcqpjzduxft\ypoXRphgdFYcIK\evXmlzv.pdb

Imports

user32

SetWindowPlacement
CreateCaret
EqualRect
RegisterWindowMessageW
DrawFocusRect
RegisterHotKey
ChildWindowFromPoint
AppendMenuW
LoadBitmapA
IntersectRect
GetCursorPos
EnableMenuItem
IsCharAlphaW
DrawStateA
InvertRect
wsprintfA

kernel32

GetModuleHandleA
TlsGetValue
GetFileAttributesExW
GetComputerNameA
SetFileAttributesW
LoadLibraryExW
MulDiv
GetShortPathNameW

shlwapi

StrRChrA

gdi32

EndPage
SetDIBits
StartPage
SetViewportOrgEx
SetBitmapDimensionEx
GetNearestPaletteIndex

msvcrt

strncpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
wcscat
_exit
_cexit
__setusermatherr
__getmainargs
iswprint

Exports

Exports

?FutureProspect@@YGHPADK|U

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE