b928d4faf0a7276a1b425f275b7a5550_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b928d4faf0a7276a1b425f275b7a5550_JaffaCakes118
Size

25KB
MD5

b928d4faf0a7276a1b425f275b7a5550
SHA1

63a4b614af6a68eabd512d03b05b963e16f5baa5
SHA256

ed68e1b8b19192b74747ca200c020dbb247b46c74a790a4e62c39cc3b2daf0bd
SHA512

ce322ad6a003729202e139be782238bbefd9ae0a5e147e4c1e3572d919f8d52cf4c2b85b953a350425a2497ad4df27ba5044b2545842e3ba973cb1eb9f274035
SSDEEP

384:0drauxilWsW+38Rcv1LgOACUYmKYm0M7srCaeFM7FxbQfJ6PZV:0J1iosr3kc3mYPdR7suazjb6YP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b928d4faf0a7276a1b425f275b7a5550_JaffaCakes118

Files

b928d4faf0a7276a1b425f275b7a5550_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73e960cdbd718dbdedd8d636f860f57b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
EnumDateFormatsExA
GetConsoleCommandHistoryLengthA
lstrcpynA
BeginUpdateResourceA
CreateMailslotW
CreateJobObjectA
GetTempPathA
EnumResourceNamesW
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetCurrentDirectoryA

user32

SystemParametersInfoW
EnumDisplaySettingsExW
GetWindowModuleFileNameA
SendNotifyMessageA
DrawTextA
GetMonitorInfoW
DrawTextA
CallMsgFilterW

gdi32

CreateFontIndirectExA
GetTextExtentPointA
RemoveFontResourceExA
EnumFontFamiliesA
CreateDCA

Sections

.rdata
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 859B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ