cec80f5b73aef097c5dd88fb96a4651a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec80f5b73aef097c5dd88fb96a4651a_JaffaCakes118
Size

38KB
MD5

cec80f5b73aef097c5dd88fb96a4651a
SHA1

f5a43d204a06edaa2b98af6badcd6ac5dc0e8ff8
SHA256

df5a10527f284dfa4b1e7910b0083c8ee7c5ddf96325921793cb836b0ae22f16
SHA512

06ce61ddeecad9c5e70babbe7791098e619629af9d210627822652c60ffce523b350f842e14f5bc3876361214505033be84f535aff3e27e1019ae6452b1ca035
SSDEEP

768:3RWtDE8edveE2tIUTgimrq5PAClSDrE3OCEDj8wXgKzCTN9HdmX:3REBFMUTgHrq54ClSs3OCE8oFGTN99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec80f5b73aef097c5dd88fb96a4651a_JaffaCakes118

Files

cec80f5b73aef097c5dd88fb96a4651a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b18e6385342f5e41a6f7eb6302aa76d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FoldStringW
FreeEnvironmentStringsW
MoveFileW
ReadConsoleOutputCharacterW
TransmitCommChar
WriteProfileSectionA

advapi32

EnumDependentServicesA
LookupSecurityDescriptorPartsA
ObjectDeleteAuditAlarmA
RegUnLoadKeyW
ReportEventW

user32

CloseClipboard
CreateIconIndirect
DdeCreateStringHandleA
DdeFreeDataHandle
DefDlgProcW
DrawIcon
DrawStateW
EndTask
LoadKeyboardLayoutA
SetActiveWindow
SetPropA
SetWindowsHookW
TileWindows
UpdateWindow

gdi32

CopyEnhMetaFileW
CopyMetaFileW
CreatePenIndirect
Ellipse
EnumFontFamiliesW
EnumObjects
ExtSelectClipRgn
FloodFill
GetICMProfileW
GetTextExtentExPointW
LineTo
PtVisible
RestoreDC
SetICMProfileW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE