f9e59f9b7cac5d9e85a67e27a78a1a27_JaffaCakes118 | Triage

Sharing

General

Target

f9e59f9b7cac5d9e85a67e27a78a1a27_JaffaCakes118
Size

104KB
MD5

f9e59f9b7cac5d9e85a67e27a78a1a27
SHA1

264535bbd76dca732d7bf78de0a11cc440314b85
SHA256

8902421b107b626611741784e28d563feeb3b6d4a0e2e16c621fbe1a3195a0a0
SHA512

a218c4fb293f3d8c3aafdcc59071fc88f325f9dbfcc67916d7c3daecdddde7c1e90c6111ce7a5a882440d99d74a9d0d07bd6df23c618594f4c158e29891d2939
SSDEEP

1536:pgeuePbZwbzVpsifBgiS4SW7VU6ol5h3m/4ANfUMZNX:WePbyTsmWiSg83m/4qUMzX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e59f9b7cac5d9e85a67e27a78a1a27_JaffaCakes118

Files

f9e59f9b7cac5d9e85a67e27a78a1a27_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f1cd85700907368ecd846584576e9f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessShutdownParameters
WriteFileEx
CloseHandle
LockFileEx
GetTickCount
GetVersion
GetUserDefaultLCID
GetThreadId
CreateFileMappingA
VirtualFreeEx

gdi32

CreateDiscardableBitmap
GetPaletteEntries
LPtoDP
DeleteMetaFile
GetTextMetricsA
Escape
EndDoc

urlmon

RegisterMediaTypes

shlwapi

SHAutoComplete

crypt32

CertDeleteCTLFromStore

rpcrt4

NdrConformantArrayMarshall

user32

GetShellWindow
SetCursorPos
GetClipboardSequenceNumber
GetMessageTime
GetCapture
CreateCaret
DdeReconnect
GetWindowThreadProcessId
IsHungAppWindow

cfgmgr32

CM_Get_DevNode_Registry_PropertyA

ole32

CoResumeClassObjects

setupapi

SetupGetSourceInfoW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ