d398dc68baedb1413f80904070c4b407_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d398dc68baedb1413f80904070c4b407_JaffaCakes118
Size

4.7MB
MD5

d398dc68baedb1413f80904070c4b407
SHA1

e2f2156151150cb2c77732f1142b77891af9ac55
SHA256

0ec8fd14dd76646a314279656a78ca0df60b959690bfbe7350cc9024346173c4
SHA512

986bee9c8007a0d264c70fbf7dad0958a498422eb2a01806218cabf4f9491c590d7276c5813c1f51b84a64b45dfdb05443a96b729d992792b4363f9da2a97ac7
SSDEEP

98304:srUMvkptM4UfArnBipFsb+UIyChjoKC96g:sTMnBMWb+U/C1oR9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d398dc68baedb1413f80904070c4b407_JaffaCakes118

Files

d398dc68baedb1413f80904070c4b407_JaffaCakes118
.exe windows:5 windows x86 arch:x86

033d5338619c8609811dced5789462c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
VirtualAlloc
TerminateThread
GetEnvironmentVariableA
CompareStringA
SetFileTime
SetInformationJobObject
GetExpandedNameA
SetConsoleLocalEUDC
WritePrivateProfileStringA
GetEnvironmentStringsA
SetLocalTime
SetCalendarInfoA
GlobalMemoryStatusEx
EnumSystemCodePagesA
GetConsoleCP

user32

DdeGetLastError
LockWindowStation
DeleteMenu
SetScrollInfo
GetRawInputBuffer
RegisterSystemThread
SetCaretPos
CreateDialogParamA
ChildWindowFromPoint
GetWindowTextLengthA
CopyIcon
ModifyMenuA
CharLowerBuffA
GetMenuItemID
DdePostAdvise
CreateIconFromResource

Sections

.text
Size: 4.4MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 310KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ