f6f5dcca8a84b0e030cf025486d5f0ca_JaffaCakes118 | Triage

Sharing

General

Target

f6f5dcca8a84b0e030cf025486d5f0ca_JaffaCakes118
Size

76KB
MD5

f6f5dcca8a84b0e030cf025486d5f0ca
SHA1

fb983fc0daec1f714a8e87babb7c485db9fcc86a
SHA256

1c7976c5cf5b9550e27558e6dafa6815717b0affb9fb1dbefb1b81d32a1f9cab
SHA512

0dcff9bbebc3685f6909d1dbad36e81895dcef9d969af9f441c330f4247182edd72a25b24a99ce8964ec541c99a45e1a975b479f6c865071697753f3eafac1aa
SSDEEP

1536:mk7VJKloelhNBiDkLcbkR0OjJjV1ATg15HYFs7Y9iwdPK:npJKlocXCkskRVlATa5N7YAp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6f5dcca8a84b0e030cf025486d5f0ca_JaffaCakes118

Files

f6f5dcca8a84b0e030cf025486d5f0ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd9efba2b7cf3aa89c43524d3009e943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
ExitProcess
GetCurrentProcessId
GetLogicalDriveStringsW
GetUserDefaultLCID
SetFileAttributesW
VirtualAlloc
GetCommandLineW
GlobalFlags
SetEnvironmentVariableW
FindResourceExA
GetModuleHandleW

gdi32

SetBrushOrgEx
ResizePalette
SetBitmapBits
GetRegionData
SetTextJustification
GetTextMetricsA
CreateSolidBrush
CreateRectRgnIndirect
ArcTo
GetWindowOrgEx
ResetDCA
Ellipse
CreateFontIndirectA

activeds

ord25
ord23
ord20
ord5
ord13
ord3
ord15
ord6
ord26
ord27

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 102KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 102KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ