d0b94db7fc6e789b3d6a58ef69202db6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0b94db7fc6e789b3d6a58ef69202db6_JaffaCakes118
Size

6.3MB
MD5

d0b94db7fc6e789b3d6a58ef69202db6
SHA1

da2745bc59563749d682fe7e564031bc8a478232
SHA256

0771e5eb66922fbf1213c8cffd8739bba496c71e9c7165362fa4de021457fdce
SHA512

2dde3f38018042856a95e6c38abbfe679d4e9c7c118e5336dfea84970126bd15dbd2d854c55dbbbcf2f5d93659a3dc5c075001af3b2972b89549d4d0e12738ad
SSDEEP

98304:qGDQUXGyiudaWSgS+1BpGfuuuuuuuuuuuuuuKuuuuuuuuuuuuuuuuuuuuuuuuuuu:qGrXGOxSgSkBVJ1uGwpP3OVa9gM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b94db7fc6e789b3d6a58ef69202db6_JaffaCakes118

Files

d0b94db7fc6e789b3d6a58ef69202db6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94049ca68080f4af0a2c3ced9d5bf54b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA

user32

GetForegroundWindow

gdi32

GetTextMetricsA

winmm

midiOutReset

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

GetFileTitleA

msvcrt

malloc

iphlpapi

GetAdaptersInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ