Static task: static1
Behavioral task: behavioral1
  Sample: f9367630697814df89999cbfae96c849_JaffaCakes118.exe
  Resource: win7-20240704-en
General
  Target: f9367630697814df89999cbfae96c849_JaffaCakes118
  Size: 350KB
  MD5: f9367630697814df89999cbfae96c849
  SHA1: 96da64fdd9cb2f5df599cae8ded1e4792b241c17
  SHA256: 8b55db1cd1a5e7dd38027210d81689c20b31b28d934e5e6abced2e2a8c317feb
  SHA512: 5768f0251ec89008b7150027df36b8d3614ad0ff717adde7a7ca9a5a0592fa4e59b418e1ec9aaee185e270f0be7de188d7d7d1bb01c13d65756abca6da6c8abe
  SSDEEP: 3072:mRyuT71ZNMEHzbphQQl/nE9iOYdsODyV3jxSlWMAj:mRyuT5x7hnE9vYNDyVY
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: f9367630697814df89999cbfae96c849_JaffaCakes118
Files
  f9367630697814df89999cbfae96c849_JaffaCakes118.exe windows:5 windows x86 arch:x86
  b84a01864edccfbb8ce5c78107240d8d
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  lz32
    LZSeek
  advapi32
    PrivilegeCheck
  user32
    GetDlgItemInt
    LoadAcceleratorsW
    GetMenuDefaultItem
    DdeFreeStringHandle
  kernel32
    LocalFileTimeToFileTime
    FreeConsole
    GetNamedPipeClientProcessId
    GetModuleHandleW
    GetStringScripts
Sections
  .text Size: 29KB - Virtual size: 28KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 10KB - Virtual size: 16KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .text Size: 512B - Virtual size: 488B
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_READ
  _D2 Size: 166KB - Virtual size: 166KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  PACK Size: 137KB - Virtual size: 137KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .reloc Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ