e763c971e990fc4eea67951471df25fe_JaffaCakes118 | Triage

Sharing

General

Target

e763c971e990fc4eea67951471df25fe_JaffaCakes118
Size

51KB
MD5

e763c971e990fc4eea67951471df25fe
SHA1

20af0416d67b670ca15ede714eccbbb173146bf1
SHA256

f79a2f12593adb87b21582be1e33e8643ac5aedb54ffd44ec33300fc2ed3b40e
SHA512

24be6e0147772b68c143278164ecffdccac8c8a8be842c03fcb061d1e165d45a13a52ae7954eb0b88dadc78b244cf1de7f674c1a875314c620c0b32f96f2a2b1
SSDEEP

768:mymdWE7MFsuQUwpw2FBBBpH4RwHRiUvlsYQKoFwUU85+bzeh7nu9y:IfZB3H4RkiwsOoFqdqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e763c971e990fc4eea67951471df25fe_JaffaCakes118

Files

e763c971e990fc4eea67951471df25fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0aaf376912418cde76846ebd7c1b505b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\aicFXYhm\vkad\LcWAFJJV.pdb

Imports

gdi32

GetDeviceCaps
WidenPath
TextOutW
SetBkMode
CreatePalette
GetLayout
CreateFontIndirectA
CreateDIBitmap

comdlg32

PrintDlgExW
GetOpenFileNameA
ChooseFontW

kernel32

GetTempFileNameW
lstrcpyA
CreatePipe
GetTempFileNameA
UnhandledExceptionFilter
HeapLock
FlushFileBuffers
SearchPathW
UnmapViewOfFile
DeviceIoControl
AreFileApisANSI
SetStdHandle
lstrlenA

user32

CallWindowProcW
DragObject
DialogBoxParamW
DialogBoxIndirectParamA
UnionRect
GetMessageW
CharNextW
IsZoomed
GetPropW
wsprintfA
GetForegroundWindow
TranslateMessage

Exports

Exports

?IxxWlHNDvtshazlAp@@YGHPADJ@Z
?LollhlfZvnvFDwBkxyaOxo@@YGPA_NHK@Z
?cafkapccvrwbjRacOT@@YGXJ@Z
?sfxjlruSsaIhr@@YGPAFG@Z
?wwyNaKh@@YGIPAF@Z
?onfBsGOV@@YGPAJMH@Z

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ