EWJERj#@$Jtejwre.pdb
Static task
static1
Behavioral task
behavioral1
Sample
d3fdb4f4f094b46baffb6bb84e918ed8_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
d3fdb4f4f094b46baffb6bb84e918ed8_JaffaCakes118
-
Size
496KB
-
MD5
d3fdb4f4f094b46baffb6bb84e918ed8
-
SHA1
0e194425e866ef211972c3b84c82464fd9ceb097
-
SHA256
e94caa8cdf3f794d97a18f59742dcb3a546232dbed13c2ca919827cdf6c33235
-
SHA512
abd1fc0a9ff2fa0f7931ae962ee693946e6a90f7b977a1172c93afecdb69ee81c52408d9a69df02226d53800ded01de7e6067c55b218b20fe77ea26601e61862
-
SSDEEP
3072:xlM+IdcIO0d4pnuGN1PN9QAAQ8RJiLU7kyw4m7yyf1li5wVGsd3rQhmNCTwkhzUB:xXUO0enRp5PYgyfK3AjhljW+leI
Malware Config
Signatures
-
Unsigned PE 1 IoCs
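Checks for a missing Authenticode signature; the resource listed below carries none. Unsigned PE files are also common among legitimate software, so this is a weak indicator on its own.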
resource d3fdb4f4f094b46baffb6bb84e918ed8_JaffaCakes118
Files
-
d3fdb4f4f094b46baffb6bb84e918ed8_JaffaCakes118.exe windows:5 windows x86 arch:x86
260626ad804336e9602a438ff43007bc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
EnableWindow
gdi32
EndPage
advapi32
RegSetKeySecurity
GetCurrentHwProfileW
wininet
FindFirstUrlCacheEntryExA
FindNextUrlCacheEntryExA
secur32
FreeCredentialsHandle
shlwapi
StrChrNW
kernel32
FindFirstFileExW
GetModuleHandleA
GetBinaryTypeA
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 321KB - Virtual size: 326KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 610B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ