Static task: static1
Behavioral task: behavioral1
  Sample: 1279d162c82a8e6950943a86071ca920_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 1279d162c82a8e6950943a86071ca920_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 1279d162c82a8e6950943a86071ca920_JaffaCakes118
Size: 122KB
MD5: 1279d162c82a8e6950943a86071ca920
SHA1: 4e8b4e8d56f764a148bd6f6a0d613228a7aea5f5
SHA256: bba499044b857340565f4eb5c8c0b620bac2cb5fc0d096d38494fc4d79042fac
SHA512: 07ff0cef25f7c1fd5bb56b9f084fd3b96b2f0bea99c86cc1e531317fcea657b85f665399f4d48c537e99bd6b0e60cfd131e0ed4e99b0c07e5afcf49d246ac8f2
SSDEEP: 1536:hwyQ/44JCTrt0hlDVEcoYKC9dxqKYedrKNkQoH0UhDMS3Z5lWIs3P4pEwtGvoelq:6XXKmScHXxFSOFFs3Pa3tMblJ0uX6sa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1279d162c82a8e6950943a86071ca920_JaffaCakes118
Files
1279d162c82a8e6950943a86071ca920_JaffaCakes118.exe windows:4 windows x86 arch:x86
364b6ea79d1c023cd3554d095c535e1f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
BuildTrusteeWithNameW
CryptAcquireContextW
CryptEnumProviderTypesW
CryptSignHashW
ElfBackupEventLogFileW
ElfOpenEventLogW
RegOpenKeyA
FreeSid
gdi32
GetBoundsRect
GetCharacterPlacementW
GetMetaRgn
GetDIBColorTable
GetFontAssocStatus
GetMetaRgn
user32
CheckMenuRadioItem
CreateIcon
DragDetect
Sections
.flat Size: 13KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 75KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE