Static task
static1
Behavioral task
behavioral1
Sample
b7b5f893ee1f5cb76c1ada311dc1e480_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b7b5f893ee1f5cb76c1ada311dc1e480_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b7b5f893ee1f5cb76c1ada311dc1e480_JaffaCakes118
-
Size
26KB
-
MD5
b7b5f893ee1f5cb76c1ada311dc1e480
-
SHA1
244840b3db0b23866665a472ce9f650b0ca2e0b6
-
SHA256
d08df58e46a2256457b3f9030040b21e27e8d3dbb44c7aec8442242a01ff8eea
-
SHA512
c739f5e054dc9e450921f876ac7e00e02e005823b97833bb556557a79bd0f278fa41152e70ab6f50e37931772baf20a17757470170b22291a048ea21854be50b
-
SSDEEP
384:mq1aZOiccccccccccccccccccccccccccccccccccccccccccccccccccccccccI:B1Ank7UTyiWy/o7KHw2a
Malware Config
Signatures
-
Unsigned PE 1 IoCs
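Checks for a missing Authenticode signature; the resource listed below matched. An unsigned PE is a weak indicator on its own, since many legitimate binaries are also unsigned, so weigh it together with the other static and behavioral results.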
resource b7b5f893ee1f5cb76c1ada311dc1e480_JaffaCakes118
Files
-
b7b5f893ee1f5cb76c1ada311dc1e480_JaffaCakes118.exe windows:4 windows x86 arch:x86
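d8417d280e82ae868f36061aa54018b6 (unlabelled on this page; it differs from the file MD5 above, and its position under the PE entry suggests an import hash, which should be confirmed before pivoting on it)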
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
lstrcatA
lstrlenA
FreeLibrary
GlobalAlloc
GetFileSize
LocalAlloc
GlobalFree
GetVersionExA
lstrcpyA
GetStartupInfoA
GetStdHandle
CreateEventA
Sleep
gdi32
ExtTextOutA
GetObjectA
LineTo
CreateCompatibleDC
GetTextMetricsA
GetTextColor
BitBlt
SelectObject
MoveToEx
GetTextExtentPoint32A
CreateSolidBrush
DeleteObject
PatBlt
GetPixel
SetROP2
SetPixel
CreateFontIndirectA
GetDeviceCaps
GetBkColor
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1011B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ