Static task: static1
Behavioral task: behavioral1
Sample: eb201a647a5ec3e8cc19987e5243e1eb_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: eb201a647a5ec3e8cc19987e5243e1eb_JaffaCakes118
Size: 204KB
MD5: eb201a647a5ec3e8cc19987e5243e1eb
SHA1: cafbf342d15b81de21bc89da179755da52af430a
SHA256: 3c0470a8d8f91efb9a4f948a1e79fbb4bacc850679df029c9748e29475066a7a
SHA512: 4fbe1a3becfd5194cb0230291eefbc5962e3e9a4b392b3f80248a6789f7dd92f63858a4c4813c5d80882832bb89686e2f016f92d44f86fe76e583e9157ad730f
SSDEEP: 3072:SnP8nku+im0+v9jnnf95ZRqjFHOJrlnYul0ZuuJPPJ8wxsdOqsJ3MBTyv//:8PQf+S2/RqjQRYR7OOqsJMBmP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb201a647a5ec3e8cc19987e5243e1eb_JaffaCakes118
Files
eb201a647a5ec3e8cc19987e5243e1eb_JaffaCakes118.exe windows:6 windows x86 arch:x86
737e8e80ba30c3bbba34ca785523202c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleCursorInfo
GetModuleHandleA
GetBinaryTypeA
GetNamedPipeClientSessionId
GetCommandLineA
GetConsoleWindow
oleaut32
VarR8FromI4
VarUI2FromBool
user32
DrawMenuBar
InternalGetWindowText
GetWindowTextLengthA
rpcrt4
RpcStringFreeA
gdi32
GetMapMode
LPtoDP
SetTextCharacterExtra
opengl32
glMultMatrixd
pdh
PdhEnumObjectItemsHW
advapi32
QueryUsersOnEncryptedFile
ole32
CoRegisterMessageFilter
Sections
.text Size: 20KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 112KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ