f9d95ac9ab45ea61109192c15e6e4e8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9d95ac9ab45ea61109192c15e6e4e8b_JaffaCakes118
Size

160KB
MD5

f9d95ac9ab45ea61109192c15e6e4e8b
SHA1

4c6805c8bf4a48742b85a89c80bf5d6189d810b9
SHA256

9556ec00b38428be6057614325499cf3328311db9aac392de9860a8f8be2f05a
SHA512

d82683653765f5273904dcab0e4862c79491a78549572c9103fd04f33df0489ce711318b4df3325b6bb8efc44c67a5cb3bb6b15d11c544adda27e78a09d886e4
SSDEEP

3072:J1rPbOq9m3bdHsthnUsKBll3zbeAhQRujBALPbY3/hkg:JJPbO4m35Hs3k5zbBQccbe/G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d95ac9ab45ea61109192c15e6e4e8b_JaffaCakes118

Files

f9d95ac9ab45ea61109192c15e6e4e8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01f684dd04c63ad0f0bd8603c621af81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesA
WritePrivateProfileStructW
GetAtomNameA
WaitForMultipleObjectsEx
WriteConsoleOutputAttribute
CreateDirectoryExA
GlobalWire
lstrlenA
GetSystemDefaultLCID
EnumResourceNamesW
SetThreadPriorityBoost
GetTempFileNameA

user32

ActivateKeyboardLayout
UpdateWindow
CreateMDIWindowA
SetSystemCursor
SubtractRect
IsChild
DdeConnectList
SetScrollPos

gdi32

Arc
UpdateColors
GetMapMode
RealizePalette
TranslateCharsetInfo

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE