f647c486cbf4f7e0de2a704fc3c1300d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f647c486cbf4f7e0de2a704fc3c1300d_JaffaCakes118
Size

113KB
MD5

f647c486cbf4f7e0de2a704fc3c1300d
SHA1

4dcf363cacc8d8e273d67a4eaab377ea1029acaa
SHA256

da8d5f8d653ec5011ce976b7461118a46c88f0400372b44198ef9211da035b30
SHA512

38b4ce8c595f3de8059422307d58a9aa2ce65788296fc128cccae4722956d84234a6727baab3382a0b41f238bbdc5c783aaf932b43956cc39ed4d66aedb36657
SSDEEP

3072:jWKXc1yfak/2YLuizliyRsMLIrjM2lrmsyccokye:aKrp2Ji53RsMLJAa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f647c486cbf4f7e0de2a704fc3c1300d_JaffaCakes118

Files

f647c486cbf4f7e0de2a704fc3c1300d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8084d0d39a343181c3d2e61c747b0036

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapSize
LZCopy
HeapLock
VirtualAlloc
GetFileInformationByHandle
GetCPInfo
HeapSize
HeapFree
IsDebuggerPresent
GetDiskFreeSpaceA
HeapUnlock
MapViewOfFileEx
HeapAlloc
OpenWaitableTimerA

comctl32

DrawInsert

Exports

Exports

Mgsrhuthmd
Qildjip
Cftgtixhdo
CloseRehurra
SetBsfrrfrb
BeginWntwikfp
CreateHmwsreqntuw
AddMoqgtxg
AddAblvhvkc
OpenKmvnlqueqc

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ