b9d587c45a7d5b56511d16c6edef3689_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9d587c45a7d5b56511d16c6edef3689_JaffaCakes118
Size

150KB
MD5

b9d587c45a7d5b56511d16c6edef3689
SHA1

6d2d0c5624756c18f2d09f975e47aabb5f1892e1
SHA256

615dad37d84e5e7cafaa62241629b2114af7d76aaf6baa724050b5c68b173978
SHA512

def6ad2ef990645732bded8768668c8d97897b38680ea84cf4bedb1503d7e07b7414c87a14ab04171891a2aa244aeb2939dff9ab43deb07f425e4c14c09d1244
SSDEEP

3072:rvinuDDHm21cli15u8isiMI7SspKTKdFotx2KOUbD:rau/Hm2+g15u8isiM4Ss8TKdFox4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9d587c45a7d5b56511d16c6edef3689_JaffaCakes118

Files

b9d587c45a7d5b56511d16c6edef3689_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6a5551da9f5327a0f1f9acef538e968

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
TranslateMessage
ShowWindow
GetDesktopWindow
DispatchMessageA
GetParent
GetSystemMetrics

kernel32

IsDebuggerPresent
GetCommandLineW
CopyFileA
GetACP
GetDriveTypeA
RemoveDirectoryA
VirtualAlloc
GetWindowsDirectoryA
GetConsoleOutputCP
MulDiv
GetOEMCP
VirtualFree

gdi32

SaveDC
SetTextAlign
SetMapMode
GetDeviceCaps
RectVisible
SetBkMode
CreateSolidBrush
LineTo

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Apcsyjxf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ