feb6f2502de9d996f6f96c6ec5439c97_JaffaCakes118 | Triage

Sharing

General

Target

feb6f2502de9d996f6f96c6ec5439c97_JaffaCakes118
Size

59KB
MD5

feb6f2502de9d996f6f96c6ec5439c97
SHA1

06fcf65039b2941fb74005ae2aea4d72ab7f8e24
SHA256

863e72ef63815cddf79c24be4e3dc583c4c98f80ed5f22badd1bddac448b04c6
SHA512

fcadc0b2b28f837c00766adfe35f80eec07abc5a22626e23a9b78b8ae17103ab7f3231e3879da01289d8940a2d4a6102ff76acd9e8387c1bd89ae8b1fa9de3ae
SSDEEP

768:Fgsu4+Cl9HPZJ8tLBs5tc6Eq2mMLjHxuscp8E57cOx6sf0WRIj3PCGYr:F9+Cl9HPZ2eaFRucE5oOE/W2j3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb6f2502de9d996f6f96c6ec5439c97_JaffaCakes118

Files

feb6f2502de9d996f6f96c6ec5439c97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b34f2b243b7b669bd0f8c39e7a21a90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\yGRgpkx\ctkihGzpwslhax\fjdobwnj\mjgtbkcvwLz\xaIvMnjyFi.pdb

Imports

shlwapi

StrRChrW
StrFormatByteSize64A

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
fclose
_ismbblead
malloc
_XcptFilter
_exit
vswprintf
_cexit
__setusermatherr
__getmainargs

kernel32

FileTimeToSystemTime
UnlockFile
GetUserDefaultUILanguage
GetFileAttributesExA

gdi32

DeleteDC
CreateRectRgn
GetViewportOrgEx
GetTextAlign
GetTextColor
ScaleViewportExtEx

user32

SetCursor
TranslateAcceleratorA
GetDCEx
wsprintfA
GetKeyboardLayoutNameW
InSendMessage
GetWindowRect

Exports

Exports

?GeometryTranslate@@YGHPADK|U

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE