f9d7ae85ee9e95b8d7fe649c8bd31ecc_JaffaCakes118 | Triage

Sharing

General

Target

f9d7ae85ee9e95b8d7fe649c8bd31ecc_JaffaCakes118
Size

115KB
MD5

f9d7ae85ee9e95b8d7fe649c8bd31ecc
SHA1

e31f411afdf78f77bb9b9a33ae1f18fc3292dcbc
SHA256

91070fe4bab11dbae3bbc3d0a5c43a8958ba1c92fb138fc89ca91b1a31c903fa
SHA512

6734f8be5fd4ccf1b331a0c405448aab9da2b353c73513e7e945fcf8bffe9a16c8958cd87954c0feecd44b04a2275ef54ed17336b61b705749244202509fdbca
SSDEEP

3072:BnuWB0CjQfqpdVY/+GjpojkzdI4MfkkzrecV9gmg:xf0CcQvY2opo4qzfkAVWmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d7ae85ee9e95b8d7fe649c8bd31ecc_JaffaCakes118

Files

f9d7ae85ee9e95b8d7fe649c8bd31ecc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04057f5832da5231ccaa11abfea0116b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserWorkItem
PrepareTape
GetModuleHandleW

ntdll

RtlAnsiCharToUnicodeChar
RtlAcquireResourceShared
RtlRestoreLastWin32Error
RtlTimeFieldsToTime

user32

SetMenuDefaultItem
LoadBitmapW
BroadcastSystemMessageExW

ole32

CoMarshalInterface

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
QueryRecoveryAgentsOnEncryptedFile

gdi32

GetBkMode
GetPixel
EqualRgn
EnumObjects
Ellipse
FillPath
GetClipRgn
GetTextColor
GdiTransparentBlt
SetWorldTransform
SetTextAlign
SetPolyFillMode
SetPixelV
SetGraphicsMode
SetBkMode
SetBitmapBits
SelectClipPath
PaintRgn
GetSystemPaletteUse
CreateScalableFontResourceA
Arc
RestoreDC

msimg32

AlphaBlend

dinput

DirectInputCreateW

shlwapi

SHRegCreateUSKeyA

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE