de7f6fbf2735c2002cb9092294b06cad_JaffaCakes118 | Triage

Sharing

General

Target

de7f6fbf2735c2002cb9092294b06cad_JaffaCakes118
Size

42KB
MD5

de7f6fbf2735c2002cb9092294b06cad
SHA1

6e4039f9685a1a25f785c44a28067fecd4785689
SHA256

85e25d6d6f6d48cd5c8c622665f4c73c432899ade52ca8ce82da8fbdfec2888f
SHA512

a8626418f48b95e92c6e88893f1900dca55acced2c530ae8db7ba8212e31f9b56172f5a2f8d4edac73756945445780f3a3fa2ffc3f3b11f96d4b64e22eda27ac
SSDEEP

384:pxerB2FB+lKgAxDgV2sf1jZS/ZN9AsWpB75oNJdBO6GCfrJziXadWOkp6EsqDMQ2:qrBe82a8ZNw+dQQdWOc6nMMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de7f6fbf2735c2002cb9092294b06cad_JaffaCakes118

Files

de7f6fbf2735c2002cb9092294b06cad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7bc5efae3c66b399f17bc139dec327b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetThreadPriority
FindAtomA
GetProcessAffinityMask
HeapFree
VirtualLock
SetProcessPriorityBoost
GetFileSize
OpenMutexA
GetProcessPriorityBoost
SetThreadPriority
VirtualAlloc
DeleteTimerQueue
EnumSystemCodePagesA
GetExitCodeThread
GetSystemInfo
SetProcessAffinityMask
CancelWaitableTimer

gdi32

CreateColorSpaceA
ColorMatchToTarget

Exports

Exports

CreateYqmamfc
SetFwovwvs
Ahyxuxnx
Vgnqhhgemex
Xlbyoiyv
Eumksdj
OpenQlqrfrs
Khohixpablm
Qimshyawnmi
CloseQmixlvgrfiy

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ