c7ffa700a6efb27dfe764f121d8e7c78_JaffaCakes118 | Triage

Sharing

General

Target

c7ffa700a6efb27dfe764f121d8e7c78_JaffaCakes118
Size

107KB
MD5

c7ffa700a6efb27dfe764f121d8e7c78
SHA1

42ce5b9a9a655fec22fa005fbdccbae46e5a6c2b
SHA256

f23e8021a25d90d1237894751eae12b4611c6edc81f36eea42319ae5dcb15927
SHA512

ff49f3f9b762b573ff3752d316b973fb22f6efe7c711401aec1636b702cf630e1bfd4e93e326b96d77edb77b7f136dff2fd3729df2c6fbcbcaa45a0e3b649615
SSDEEP

1536:RqtREC/rMcgEPJV+G57ThjEC0kzJP+V5JRPr/F8J9seqGeDHveAgM8BWI7:AzECTMpuDhjRVJGfj/F8A9GezveATI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ffa700a6efb27dfe764f121d8e7c78_JaffaCakes118

Files

c7ffa700a6efb27dfe764f121d8e7c78_JaffaCakes118
.exe windows:6 windows x86 arch:x86

875666ad2f30ace9c1b97fa5f8c9272f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SystemPropertiesDataExecutionPrevention.pdb

Imports

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs

sysdm.cpl

DisplaySYSDMCPL

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yhaipfx
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE