da435a6c99c68221d135dc2776c418ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da435a6c99c68221d135dc2776c418ff_JaffaCakes118
Size

142KB
MD5

da435a6c99c68221d135dc2776c418ff
SHA1

69993a923bf514fdf8bb011433911f16ff7bc400
SHA256

fdb51189fa3fb8870feda9b03e795c2280f297a0c9bad0eaa65cd7218adbce6b
SHA512

6a9b556eb01d5f8c14962a0ff252c5a1ebc86d05f27fe5f4332dd9079bef4c6f23c9477a7170ff407ddf2fca0bec9c8550557559b807a9a49bd057d979344859
SSDEEP

3072:y90bC4nnJ/fU5lP7WoqTrx71vBiz/dELkH4SmeMfLvI1bibk50:Y0bNJ/KP7WoMrx7H6/nH4SV6I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da435a6c99c68221d135dc2776c418ff_JaffaCakes118

Files

da435a6c99c68221d135dc2776c418ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fa5c0eac9526693c5c3870bc2fb48f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextChangeNotification
WriteConsoleA
CloseConsoleHandle
MoveFileW
CreateWaitableTimerW
SetComputerNameA
SetTimeZoneInformation
SetEnvironmentVariableA
CallNamedPipeA
ReadConsoleInputA

user32

GetTaskmanWindow
IMPGetIMEA
LockWorkStation
GetMenuContextHelpId
BroadcastSystemMessageA
GetWindowTextW
SetRectEmpty
TranslateMessageEx
WindowFromDC
ValidateRect
MonitorFromRect
LoadImageA
GetScrollBarInfo
TranslateAcceleratorA
GetMenuItemCount
MapDialogRect
OemToCharA

shell32

SHGetFileInfoW

gdi32

SetMetaRgn
GdiInitializeLanguagePack
CreateDIBPatternBrush
CreateRectRgnIndirect
GetFontUnicodeRanges
PlayMetaFile
SetLayout
AddFontResourceA
GdiGetBatchLimit

Sections

.code
Size: 9KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: 2KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ