b62cfc5fd8ff60415952584ac0b96917_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b62cfc5fd8ff60415952584ac0b96917_JaffaCakes118
Size

92KB
MD5

b62cfc5fd8ff60415952584ac0b96917
SHA1

a49bac5b523b833f7e4251f76a8f9bbd2ca1baaa
SHA256

c3a1a033d291138148f8ef1c9b98167017d11eb41c020c6724b83035d718de37
SHA512

9209cd01c6f6439c17e0d62c0ae565400934789396bf0221886ab6b8a5198f1165f78217e9ee5881db78628d5567810745ced0743de27381f5b5f932d6208bcf
SSDEEP

1536:2C4an2LGIHJOpl/VZiVy+PWQGw6ocJd4MOTIJWmvsa1vBepDcVy:Rg/s3iQ+PWQGfz4MOSUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b62cfc5fd8ff60415952584ac0b96917_JaffaCakes118

Files

b62cfc5fd8ff60415952584ac0b96917_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8245a9c9b1f68d2317eda1c58a3ae7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\eDRfa\cyzg\fXukm\ncogb.pdb

Imports

gdi32

GetStockObject
EnumFontFamiliesW
CreatePalette
Ellipse
EndPage
CreateDIBSection
RectInRegion

kernel32

GetConsoleAliasExesLengthW
lstrcpyW
FreeEnvironmentStringsW
lstrcmpiA
lstrcpynA
GetDateFormatA
CompareStringA
FindResourceW
GetSystemTimeAdjustment
GetEnvironmentStringsW
GetSystemTime
GetStdHandle
IsValidCodePage
IsDebuggerPresent

ntdll

memset

user32

LoadStringW
GetMonitorInfoW
GetDlgCtrlID
GetMenu
IsWindowEnabled
DrawFrameControl
SendDlgItemMessageA
TrackPopupMenuEx
GetDlgItemTextA
CheckRadioButton
IsCharAlphaNumericW
DrawIconEx
DrawTextW
ExitWindowsEx

shlwapi

StrCmpW

Exports

Exports

?_Yubgzuaevkytvlwst@@YGKN@Z
?RtNhausnysaecmpkthtc@@YGPAGG@Z
?RlvavoGsvC@@YGKHH@Z
?CoHwtePfmafcY@@YGJI@Z
?_ChIxAdeteBd@@YGG_N@Z

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ