d991661bafa251d06be4189c13e36856_JaffaCakes118 | Triage

Sharing

General

Target

d991661bafa251d06be4189c13e36856_JaffaCakes118
Size

348KB
MD5

d991661bafa251d06be4189c13e36856
SHA1

9ef63ef5f234c7296f5a67939624de410027755f
SHA256

f5b4f89b6b1dc85c733d49b2eef0b2b23dcc1c3a2914a1f01a6b4fc651c231ec
SHA512

a0a58043bf13688693006ba1ab990c3406afcb553927f69578f6ad8c1f1b14ff603878459b9ee0f38e7289beb97e95213672430018d9edebbee5054d28b8b649
SSDEEP

3072:alJp9tUQmCcTrslffmseKdNZO+SrEtvFkn5mhFvKR8mewZ6LhBojSC0AmYNwmLb:8ZLZ25KFO89y6L8mC0AmYNwQlzp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d991661bafa251d06be4189c13e36856_JaffaCakes118

Files

d991661bafa251d06be4189c13e36856_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a95414d26b8500c3cf59c7d638417b35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

6zyA6@267=HPS.C|dMqd4-qaN|yjm.pdb

Imports

winscard

SCardCancel

version

GetFileVersionInfoSizeW

kernel32

IsSystemResumeAutomatic
GetLongPathNameW
FindNextVolumeW
GetCalendarInfoEx
GetModuleHandleW

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT1
Size: 283KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yP
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ