f691b283f346809da8a2cfce784f2c90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f691b283f346809da8a2cfce784f2c90_JaffaCakes118
Size

1.5MB
MD5

f691b283f346809da8a2cfce784f2c90
SHA1

7900fcd801d1bc88dde58885b022a8c88e76bc8b
SHA256

6acd8886bd37b9c334b51915c34d08e101c3e0767fef54c1c4924e7102489069
SHA512

d7d7247fffcd94bfc9d946c6dcd1b9df6a6d318e6817e54fba99cd0574b442784d997be958b776b85005aad33721048df7d00b1a5389481223ba721e7a56ec3c
SSDEEP

24576:+DOCQmGOz3Ag9RRyh4ST+o6cRAy5ZgV/TUtd8CDBN9JMtiTzEGAzIVNddHTo:WOC423vAoc6xC9AzIHddHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f691b283f346809da8a2cfce784f2c90_JaffaCakes118

Files

f691b283f346809da8a2cfce784f2c90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

303e0439bee5393a10750109ae84c4ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
CreateWaitableTimerA
BackupWrite
SetSystemTime
GlobalFindAtomA
_lopen
GlobalLock

user32

UnregisterClassA
GetMenuItemInfoA
UpdateLayeredWindow
IsZoomed
ChildWindowFromPointEx
MapVirtualKeyW
GetClipCursor
SetDebugErrorLevel
CreateWindowExW
EnumWindows
MenuWindowProcA
MessageBoxW
EmptyClipboard
DdeCreateStringHandleA
GetScrollRange
SetMessageExtraInfo
CreateWindowExA

shell32

SHGetFileInfoA
OpenAs_RunDLLW

Sections

.code
Size: 9KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 36KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE