Static task
static1
Behavioral task
behavioral1
Sample
c9866a6f359936dec699ca107b1aa0fd_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c9866a6f359936dec699ca107b1aa0fd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
c9866a6f359936dec699ca107b1aa0fd_JaffaCakes118
Size
210KB
MD5
c9866a6f359936dec699ca107b1aa0fd
SHA1
827a67e14383f7486743e1976d5bb63ee6a08a82
SHA256
bbf43ff72dacbdb53eafd73028151b0df0b9402990fdb94cc9d757f9c9dd9511
SHA512
b39ba2d5e661c47ef8b4f0d9594e9913cdcc38179ff211692b66b5128f621cb19414ef01509ef08639ad1d9bfc643adc14354006da46351be8e1869d8caf0d7f
SSDEEP
3072:rdWjtbE9yeS/bTESVCDo5rz5xaGsMTXFYybjoC6ueYEO9wlDQ8N:xWjFeibTESVHP5Hmyz6ueW8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c9866a6f359936dec699ca107b1aa0fd_JaffaCakes118
Files
c9866a6f359936dec699ca107b1aa0fd_JaffaCakes118.exe windows:4 windows x86 arch:x86
251e2a8060546c01f649cd0eeaba5b53
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameW
GlobalFree
GetProcAddress
GetCurrentThreadId
SetHandleInformation
LoadLibraryW
GetLastError
EnumResourceTypesW
GetModuleHandleW
ExitProcess
GetCurrentProcessId
UnhandledExceptionFilter
CreateFileW
CloseHandle
GetVersionExW
msvfw32
ICClose
ICOpen
ICSendMessage
ICDecompress
user32
SetWindowPos
EnableWindow
GetFocus
RedrawWindow
SetCursor
CreatePopupMenu
SetParent
InvalidateRect
TrackPopupMenuEx
IsWindow
DestroyMenu
LoadCursorW
ClipCursor
GetDesktopWindow
PtInRect
ole32
StgCreateDocfile
StgOpenStorage
Sections
.text Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ