b098d911c325a188fc869238788e1863_JaffaCakes118 | Triage

Sharing

General

Target

b098d911c325a188fc869238788e1863_JaffaCakes118
Size

115KB
MD5

b098d911c325a188fc869238788e1863
SHA1

da48352abbe38b8412f0c34b8b81f591e8c0a7e1
SHA256

448a8a006bfd88495d5786856cfcf6d489cc36b90e5ca67ca395ebd73d0eb1e1
SHA512

0ca8b79a67e2ad61a204fefb5e8b55d58d5cbd252df8422e428112fc893bf10f664b0ab04f727d3511d182e00a61bd5ddedfff8fb4f2a74bccce34600db48524
SSDEEP

3072:DHeggwmpIf0UhOpGUAYAR4TaBRVGhI1SQGTUyX2qZtJu06:DHdYpIs8G9AhsaB++u2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b098d911c325a188fc869238788e1863_JaffaCakes118

Files

b098d911c325a188fc869238788e1863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8267abee3aa96d52d3dfb1cbe4b1222b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
GetCPInfo
HeapLock
HeapAlloc
HeapSize
GetConsoleCursorMode
HeapUnlock
Sleep
Process32Next
HeapFree
GetProcessAffinityMask
GetDiskFreeSpaceA

comctl32

DrawInsert

Exports

Exports

Xdbofoj
Ixyomjcd
Yioiuoag
GetMwryptk
Prtmhqf
InitLkhojis
SetHtivlny
OpenCtyxagmwo
WriteYirikrsuni
ReadKlbacaemyuv

Sections

.itext
Size: - Virtual size: 52B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ