f62fd64609b0191154e45a4cdb8b2b73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f62fd64609b0191154e45a4cdb8b2b73_JaffaCakes118
Size

4.0MB
MD5

f62fd64609b0191154e45a4cdb8b2b73
SHA1

3d44f170d86f8cbd40417071c8a3c86bf17587b8
SHA256

d9c3cf09e9b66e0b0a008479d49691abea7f4bb0d16d1ca2522d383b7acb6c3d
SHA512

f340dc10a398abd5d3e6b698c9c9d08d720109bc202828792fa5f49ea633c8096270e5c8e0007b211823866993983cc04ce20bb5a7932764f6a37d11c5b93038
SSDEEP

98304:O45GQSSCGC+NPsYVR0v2Aws1Fh9H2kQi7R5gbtRD6Lk/u:OL4lVsYVWvF2DqPIRAkG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f62fd64609b0191154e45a4cdb8b2b73_JaffaCakes118

Files

f62fd64609b0191154e45a4cdb8b2b73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8497de1b849d440a6e5899104929adbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryInformationJobObject
GetFullPathNameA
IsSystemResumeAutomatic
SetVolumeMountPointA
GetSystemDefaultLCID
GetCommState
GetLastError
GetExitCodeThread
GetUserGeoID
GetCompressedFileSizeA
LoadLibraryExA
VirtualAlloc
SetConsoleCursorInfo
ReleaseSemaphore
GetWindowsDirectoryA

user32

EndTask
SetCaretPos
GetParent
LoadAcceleratorsA
GetUserObjectInformationA
InSendMessage
GetDlgItem
GetDlgItemInt
CliImmSetHotKey
EnumWindowStationsA
PostThreadMessageA
ToAsciiEx
PostThreadMessageW
UnregisterDeviceNotification
InSendMessage

Exports

Exports

Dutunrwqx
GetIifljpyg
EndYmpddbia
EndVoenpttu
GetStylpgywb
Bdsicequ
OpenJnllocsgo
Xvcrecjy
CloseMdcxlxi
IsBfjxbavh
Dqmdrdl
Vyqjnqh
OpenUfkofaaykrh
WriteYfgwsrbxyx
Fghfweohvd
EndPwsujwd
InitAkxqbpiksh
Otkgclwps
AddGarjskyifwk
ClosePfcdupxq

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 886KB - Virtual size: 886KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ