daf4593ada32c4fa91e4aa5995e9db9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

daf4593ada32c4fa91e4aa5995e9db9d_JaffaCakes118
Size

151KB
MD5

daf4593ada32c4fa91e4aa5995e9db9d
SHA1

41a2cdc06bd52420feb78ff242c54cb87b68b2e9
SHA256

03e0129d958bf7139e2da74cbd2fd9796515d85e7ee9a97cf80b6e4c2f8d4629
SHA512

90f34d94433ec86ee13932f3b9d494a73364ffbe0e8b84b6be24f14f3eb186d8edd4bd0eaf14e072f74bfdf623df882366fe6d1cb1db38d51a9ef7922df0cede
SSDEEP

3072:s1/j9Hp4kLCA3IUk4sLAVZjSs2jRcFhl/txGCbn:6rTX1YExVZL2Al3Fb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daf4593ada32c4fa91e4aa5995e9db9d_JaffaCakes118

Files

daf4593ada32c4fa91e4aa5995e9db9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d48de5057b2b42d90f162c05d941f290

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
EnumResourceLanguagesA
LoadLibraryExW
CreateWaitableTimerW
EnumUILanguagesW
CopyFileExW
AreFileApisANSI
GetCPInfo
WritePrivateProfileSectionA
GetCurrentDirectoryW
VerSetConditionMask
GetNamedPipeHandleStateA
SetLastError
GetProcessHeaps
SetConsoleCursorPosition
GetSystemDirectoryA
ReadDirectoryChangesW
GetUserDefaultLangID
OpenMutexW
GlobalReAlloc
LocalCompact
InterlockedDecrement
InterlockedExchange

Exports

Exports

HytAak
HytAdspk
HytAhs
HytCnu
HytFc
HytFi
HytGhy
HytGly
HytMle
HytQfi
HytQji
HytUdmpe
HytVw
HytWjo
HytWno

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE