eaf405604328b0caebb1e23dc859175d_JaffaCakes118 | Triage

Sharing

General

Target

eaf405604328b0caebb1e23dc859175d_JaffaCakes118
Size

184KB
MD5

eaf405604328b0caebb1e23dc859175d
SHA1

9b899996219687dc0ff60acddccbdaf0d415c50b
SHA256

239cfd93d9c6394ddbd7f68cf6dc9278ef2d10b1d7c247be813d2e24f19e6445
SHA512

1f058d8ced979e1f716f9cceb0855b25689190343125016e0b8dfed5b22e618b650042c6439384979a458db667eceb981df0bfe763b9cb7b2efffeab90a62e2a
SSDEEP

3072:utXb9f3tQTnk+dov4lbHcazR40+tM+9B4Xp8gGTs14ELp6SiU:utL9f3tRzmbDUW+X4vz4RSD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaf405604328b0caebb1e23dc859175d_JaffaCakes118

Files

eaf405604328b0caebb1e23dc859175d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

410bc373d99a17062bbccb5940f942bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessWorkingSetSize

user32

GetAltTabInfoW
InsertMenuA
RegisterSystemThread
IsClipboardFormatAvailable
GetThreadDesktop
DdeCreateStringHandleW
GetCursorInfo
ChangeClipboardChain
ChangeClipboardChain
LoadMenuA
SetMenu
CharToOemA
InitializeLpkHooks
PostQuitMessage
RegisterDeviceNotificationW
UpdatePerUserSystemParameters
SetProcessWindowStation
DdeKeepStringHandle

gdi32

GdiEntry3
LineTo
bMakePathNameW
GdiGetSpoolFileHandle
GetFontLanguageInfo
GetTextExtentPointI
GdiDllInitialize
SetTextCharacterExtra
GetTextExtentExPointA
CreateFontA
GetWindowExtEx

Sections

.code
Size: 9KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ