Static task: static1
Behavioral task: behavioral1
Sample: f9d5cf4020b7fd64971a5eb50f99991e_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f9d5cf4020b7fd64971a5eb50f99991e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f9d5cf4020b7fd64971a5eb50f99991e_JaffaCakes118
Size: 204KB
MD5: f9d5cf4020b7fd64971a5eb50f99991e
SHA1: d47a37fc3badb8e9f5c87b53487face000f427b2
SHA256: ff9167b0b438747203f90aebe214b24304873fd921116addd51be351f3841f6e
SHA512: 2f5c23550f08f9c91148fc5d6ba3e8f567c97e69c04bd09bea400465b29974eff0c6ded763335f1efa729f9a545a838a5e34d3676123b96cb59a850f45b055cc
SSDEEP: 3072:ZuMVZ8lhyPNbs4hoQRx1g8a3quLq6rz74rvlEe9a2+VpN0F2tRUUJXktip:g+q0bzR+S68rtEeMrDPRci
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9d5cf4020b7fd64971a5eb50f99991e_JaffaCakes118
Files
f9d5cf4020b7fd64971a5eb50f99991e_JaffaCakes118.exe windows:4 windows x86 arch:x86
7ec65a0173d3dddcb4dcfc704d670fc4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetOEMCP
HeapAlloc
ExitProcess
CompareStringA
GetStartupInfoA
GetModuleHandleA
VirtualAlloc
Thread32Next
hid
HidP_InitializeReportForID
user32
OpenClipboard
GetKeyboardLayout
CheckRadioButton
DialogBoxIndirectParamA
GetWindow
gdi32
GetDeviceCaps
ChoosePixelFormat
dsound
DirectSoundEnumerateW
DirectSoundEnumerateA
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 180KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ