d9bb7618036ec67835e2f56a3dab7e7e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9bb7618036ec67835e2f56a3dab7e7e_JaffaCakes118
Size

72KB
MD5

d9bb7618036ec67835e2f56a3dab7e7e
SHA1

17d9ea5d14d78c4b0b77b5cb2f914ac00944f949
SHA256

a240d7b63ef3b3e3acbc22bb3dee696580dad2cdae935c3d2fe4b53517d32c41
SHA512

4d6da0c21019853772b8648ec9dbed9ab4c0bdf5149de1e896eea643989497fa7ef58ee6ca4612ce0fcf16ec726c0c4a39f678149934c5d1afea5e44e7078b23
SSDEEP

1536:jQpFqIEslKJSCr+oydDonVCN/fUlwNB1EIxDaKOXbewB9anFl/Dbz:kyItKJSdonV8f8wWIxuK0rBAnvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9bb7618036ec67835e2f56a3dab7e7e_JaffaCakes118

Files

d9bb7618036ec67835e2f56a3dab7e7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3fc27fba1b0b5ecdf25c5197f405214

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetConsoleCP
GetModuleHandleA
GetVersionExA
HeapAlloc
HeapCreate
WaitForMultipleObjects

advapi32

RegFlushKey
OpenProcessToken

ole32

CreateAntiMoniker
IsAccelerator
IsEqualGUID

setupapi

SetupPrepareQueueForRestoreW

olepro32

OleTranslateColor
OleCreateFontIndirect
OleCreatePropertyFrame
OleLoadPicture

user32

GetKeyboardState
GetNextDlgGroupItem
SendMessageW
VkKeyScanExA
FindWindowExA

Sections

.text
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ