d4267e0391c372fc6a14cea6d61b88ac_JaffaCakes118 | Triage

Sharing

General

Target

d4267e0391c372fc6a14cea6d61b88ac_JaffaCakes118
Size

276KB
MD5

d4267e0391c372fc6a14cea6d61b88ac
SHA1

17d33205539e154aeac9d0fdd0383fff74a6eb70
SHA256

d88fe70e5b035c5bdbc6b65fbbb2fc572bacf6a7a20d1c77d9e0bdd3f36bdd5f
SHA512

5c20c13a775e22be7baec0c71c339dcb214a18a58a8d9855dff85f6c77b16a5cd46ed3e651c59a7cbe3d5468f0146bdaa82699e15322236e98c258ee912cb4ed
SSDEEP

6144:r0uXHIGHgVi4K76RBOiaN8nS5K/YC75t1M3U8C2wfuKLlGd6XC:rZHIQx4KOnOTcSMYk5t11BrfZxi6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4267e0391c372fc6a14cea6d61b88ac_JaffaCakes118

Files

d4267e0391c372fc6a14cea6d61b88ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

47299a7fd52e6e711f71b02d935572cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HL02Khf2Y-Qko2p.pdb

Imports

user32

GetAncestor
GetTopWindow
GetDesktopWindow
CreateMenu
CheckMenuItem
SetActiveWindow
IsWindowEnabled

kernel32

GetFileType
SwitchToThread
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetThreadUILanguage
GetCommandLineA
GetProcessVersion
SetFileApisToANSI
SetHandleInformation
GetCurrentProcessId

crypt32

CertFindCertificateInStore

gdi32

GetArcDirection
SetROP2

winscard

SCardTransmit

setupapi

SetupGetIntField

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ