1169f6453caf096e69f23b9870c070b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1169f6453caf096e69f23b9870c070b8_JaffaCakes118
Size

83KB
MD5

1169f6453caf096e69f23b9870c070b8
SHA1

7b1f58eff9fa7555cc9c1195fcf172323b8f6241
SHA256

a97f60a9416a9b63d16443166950560007f1efdef8c9f0d2edeeceb7e4c95b70
SHA512

335e7c390d61aa25019040259a6dd213adb2038aa78aeaf51a69c649660eedee10adace99db5bab67d78715ebd7af1221bb92baf123867a3821422c66199b0fd
SSDEEP

1536:Zn8OdzcFS+6VqHnSNE4GkGeF7n/ROtdwtnoYsMneBsCXKZ6iHqF:Z8MzES+6VOSNcGnZ8iNsJBsf/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1169f6453caf096e69f23b9870c070b8_JaffaCakes118

Files

1169f6453caf096e69f23b9870c070b8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

92fba0e81615f628d28357c3b4b097a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
SetComputerNameExA
FindNextFileA
MoveFileA
CommConfigDialogA
WriteProfileSectionA
OpenJobObjectA
SetThreadLocale
VirtualAlloc
GetCurrentProcessId
VirtualAlloc
FlushViewOfFile
SetVolumeMountPointA
VirtualAlloc

user32

OffsetRect
DestroyCaret
CopyRect
GetClassNameW
DlgDirListComboBoxW
DispatchMessageA
IsDialogMessageA
GetClassNameW
RealGetWindowClassA
IsHungAppWindow
GetClassNameW

Sections

CODE
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ