c98c7411fde0d7f1848ef6d34b97d660_JaffaCakes118 | Triage

Sharing

General

Target

c98c7411fde0d7f1848ef6d34b97d660_JaffaCakes118
Size

117KB
MD5

c98c7411fde0d7f1848ef6d34b97d660
SHA1

a6f6129de07338f9f840e9033db272785d728636
SHA256

0c3136fb837cfaefc1a3f58023d6b1f2607c9385e8087cdf4d186e8c60d4eb8e
SHA512

ae9e4bdce7ac4aedbadf5cf903872ac7ed748f0be70c53d6509482003a7683afcb14f620715410d50e217086260f69492f4b595e1b38c11925d8a82730221b1e
SSDEEP

3072:X0s6eMDNkyDk+AfVB3rkvxIVLuxwdXR2HAn7Cp:5PkNjkTZwJbSRXn7C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c98c7411fde0d7f1848ef6d34b97d660_JaffaCakes118

Files

c98c7411fde0d7f1848ef6d34b97d660_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ffc1e3200c8258b94104856109321f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\HFbmRpds\jtonxpqQS\uTwfwBv\lusoCdrdrz.gJx

Imports

kernel32

lstrcatW
SetLastError
VirtualQueryEx
LocalAlloc
GetStartupInfoW
GetOverlappedResult
HeapDestroy
DeleteAtom
GetCommConfig
FindFirstChangeNotificationW
SetStdHandle
LocalFree
GetCommState

gdi32

CreateBitmapIndirect
SelectPalette
GetTextExtentPoint32A
CreateEllipticRgnIndirect
CreateBitmap
IntersectClipRect

user32

RegisterClassW
GetKeyState
GetMessagePos
CreateIconIndirect
InSendMessage
GetNextDlgTabItem
DefWindowProcW
MonitorFromPoint
DestroyWindow
TileChildWindows
IsCharAlphaW
SetMenuItemInfoW
DrawIconEx
VkKeyScanW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ