d05a6c59f839f6171d3206a0e972a20e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d05a6c59f839f6171d3206a0e972a20e_JaffaCakes118
Size

17KB
MD5

d05a6c59f839f6171d3206a0e972a20e
SHA1

60ba97e059f53a8abe26248d37eb46e39bbfeaa7
SHA256

d31a0fb37bc8aee8b82ce7570f875858f31925bfdbc4dc7d1839d966470034d7
SHA512

9d21a0ab1b0e272c720a37f8e83bd967c3591b400986a639b6919e7bc3599dbbaa29f533691cb16c5ee5e25df4c125c9ea15f12e0e2410376ba1e913779b6f63
SSDEEP

192:T6QyNXCFnrImaPCmZEWMOWHKcor7xm07vYfbXQhMuRK4lX6wzY1CCw3dVFc9fEsv:TrMmU9EWMOWvYkfDQdRdKw0M8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d05a6c59f839f6171d3206a0e972a20e_JaffaCakes118

Files

d05a6c59f839f6171d3206a0e972a20e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd8f384f93a98613be5e7bcc0b1df42d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
RegisterWaitForInputIdle
GlobalAlloc
GetThreadLocale
VirtualAlloc
CopyFileExA
GlobalUnlock
GlobalLock

tapi32

lineSetCallData

user32

GetClassLongA
MapWindowPoints
GetRawInputDeviceInfoA
GetTopWindow
GetWindow

Exports

Exports

Ftbxvpsg
SetNxhicne

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ