pyMMLUPtIC.pdb
Static task
static1
Behavioral task
behavioral1
Sample
dd663da4e63b603d38d2a677958bc690_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: dd663da4e63b603d38d2a677958bc690_JaffaCakes118
Size: 200KB
MD5: dd663da4e63b603d38d2a677958bc690
SHA1: 5dd824baeefc2d3f5595866c0742005ae8162cfe
SHA256: 34c0ba6ac5572d4634eaa4b216ad1de32bc5fc24608eca9f2069daf149c8d9e1
SHA512: 22009f1ffe9aa2c7084722152115f0463536017c76d12d3a69717f23e3797b00d1a203fcdb9e385cf29219ae9313466d209c9984175dd853933fc66bbe977c93
SSDEEP: 1536:jAoDHo9U6T8Gsk0WLPg0qVvFsV9usJQ8O+E+2Tzu84N7jv8y6HsxOHP30jKy5bpk:0oTono4YPSusq5QBqK9sG/Qjg8PBpOi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dd663da4e63b603d38d2a677958bc690_JaffaCakes118
Files
dd663da4e63b603d38d2a677958bc690_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b5aa62eec321e011fc5de572303e817
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetProcessVersion
GetPriorityClass
GetCommState
DebugBreakProcess
GetLargestConsoleWindowSize
SetThreadIdealProcessor
GetOverlappedResult
IsValidCodePage
GetFileType
GetCommandLineA
DeleteAtom
MoveFileW
user32
GetMenuItemRect
SendMessageW
DrawIcon
GetTitleBarInfo
MapDialogRect
CheckMenuItem
GetWindowInfo
gdi32
SelectClipRgn
ExtSelectClipRgn
CreateBitmapIndirect
winscard
SCardListReaderGroupsA
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 16KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ