12723f2b0ef12f672c3548e3eb848b7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12723f2b0ef12f672c3548e3eb848b7c_JaffaCakes118
Size

265KB
MD5

12723f2b0ef12f672c3548e3eb848b7c
SHA1

0d2454b326fb3341f3410a7ea7cb4baa86e460f2
SHA256

e369fb7f9307fbd21bd5018bdf217be8b570dac91c0f4d84afbe55ed8999b5b1
SHA512

8d8bd52af367b9c5ef63dd1599b6bc01fda6bf6b5c7b5e64773176873f4f5a8b1429877c452534d24b8c8ba552d46775ca9749aeb1cb12d21eb0dc0d33a09d52
SSDEEP

6144:tMMIm+WQL3Cq9A6tCp0fIVBeI93op857lh:tMMIm+dLyq9A6tCpVVBeI93oOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12723f2b0ef12f672c3548e3eb848b7c_JaffaCakes118

Files

12723f2b0ef12f672c3548e3eb848b7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d4382a9a7fe26b5cdef32249424c2cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AttachConsole
GetProcAddress
SizeofResource
SetCurrentDirectoryA
GetStringTypeW
LoadLibraryA

user32

IsCharLowerA

gdi32

CombineTransform
CreateCompatibleDC
SetGraphicsMode
EndPath

Exports

Exports

qpnthrjsmhozd
wsihgxtgobego
zjxadrmyitpo

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ