ee690d45c6c6dfda4f3770e11997cc80_JaffaCakes118 | Triage

Sharing

General

Target

ee690d45c6c6dfda4f3770e11997cc80_JaffaCakes118
Size

70KB
MD5

ee690d45c6c6dfda4f3770e11997cc80
SHA1

43a92e3c0d7de937233e2e1e9c41412440ec3e8b
SHA256

1d03483f93d3904400d5c6dc257545100594e4eff2f50ac124322ce1bb63e476
SHA512

027c9bc5ba1d532dc630c17d3eebc7971acb7e965051c9c219ffb932168d32f68616186ead7239e25923df15ec52ea319abac8e86501ea828af6f83645f4cbb3
SSDEEP

768:iOMyZ4uJDwuZHiu83fejzwLjmo8hrCv7/Dl0HLSf8tLBs5tc6Eq2mMLjHxXoiuLr:iqXJDzHirm/kKoW6Dl0HReaFRc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee690d45c6c6dfda4f3770e11997cc80_JaffaCakes118

Files

ee690d45c6c6dfda4f3770e11997cc80_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2f23ddf5fb11c21d966b9a0a38cbfea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\gsyrgzvTv\zjZfkDfytsn\qcOHkvk\nHgxyHWLctfu\CwEoHsyxonk.pdb

Imports

shlwapi

StrFormatByteSize64A
StrRChrW

user32

ShowWindow
DrawTextExW
wsprintfA
CharToOemBuffA
ExitWindowsEx
LoadStringA
GetMenuItemRect
GetMessageExtraInfo
GetMonitorInfoW
MessageBoxA
SetWindowTextW
AdjustWindowRect
MapVirtualKeyA
CheckDlgButton
MessageBoxW
IsCharAlphaW

gdi32

GetBkMode
EndDoc
SetAbortProc
CreateFontW
Escape
ScaleWindowExtEx

msvcrt

_controlfp
__set_app_type
__p__fmode
rand
__p__commode
_amsg_exit
iswctype
_initterm
sscanf
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

kernel32

GlobalCompact
DuplicateHandle
GetModuleHandleA
SetFilePointer
lstrcmpA
LoadLibraryExW
FindResourceExA

Exports

Exports

?FutureProspect@@YGHPADK|U

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE