e06532ccd80a0fa3f033fe907dba73c0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e06532ccd80a0fa3f033fe907dba73c0_JaffaCakes118
Size

183KB
MD5

e06532ccd80a0fa3f033fe907dba73c0
SHA1

44956fb1421e1835532128587119517ecb4df08c
SHA256

2b8a5e05ad835de2bf272217f8e64ad484c2dd31a74a8b39e55fc707368df157
SHA512

4923ca956b9a392ddc9b27d9b40919f26dc1a94aa0805c6ab2ebcbd11231803178e3a2b77f32a8535e950658e5e99ce7e8d4b66b5cf1a235b5419acdd30ea0c3
SSDEEP

3072:z+RZ/xq1buTSC5PO5EJekfiz9YnqYxDm5KJ6nQuasxq4xk/vLyIz+PYGQHtzT:in/xq0FkE8e3LBuasxnS3mIgQHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06532ccd80a0fa3f033fe907dba73c0_JaffaCakes118

Files

e06532ccd80a0fa3f033fe907dba73c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fccff17fba26593bb68b6b57bfae7f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessPriorityBoost
GetConsoleAliasesA
GlobalFree
SetConsoleInputExeNameA
CopyFileW
FreeLibraryAndExitThread
Heap32ListFirst
Sleep
CommConfigDialogW
SetConsolePalette
CopyFileExA

user32

UpdateLayeredWindow
SendMessageA
DdeDisconnect

shell32

SHGetFileInfo
ExtractIconW
ShellAboutA
StrChrIW
RealShellExecuteExW

gdi32

SetViewportExtEx
AngleArc
UpdateColors
GetTextExtentExPointWPri
GdiGetPageHandle
GdiDeleteLocalDC
GdiGetSpoolMessage
GdiConvertDC
GetNearestPaletteIndex
GetCurrentObject
GetBkColor
GdiStartPageEMF

Sections

CODE
Size: 9KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ