130f6b1febedff44266a4d951e929df6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

130f6b1febedff44266a4d951e929df6_JaffaCakes118
Size

60KB
MD5

130f6b1febedff44266a4d951e929df6
SHA1

8df558a4df71f6078d4f894c99dca4e3efb342f2
SHA256

9b307a7e35a0d59bcda079b8ec94a663ff4d4f26fd8a65c05fc89f656aa48137
SHA512

1828608eda70a99e14a197eb7b3428042c2743c736a09f4c3ef1dc040b717e352ee4ba2ccf6b4a2ce7d9bef49a1242ad9a0c1f618dd65f7530a2d718171a5b59
SSDEEP

1536:f+nBzq72SxUc7VrgX0rgkMnuMru/MTxSW/uL95BHG:fGBtYV7FJ+S/O2L95g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130f6b1febedff44266a4d951e929df6_JaffaCakes118

Files

130f6b1febedff44266a4d951e929df6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14769fc4f7cf50122c5996f547d33ae3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
RemoveVectoredExceptionHandler
LoadLibraryA

ntdll

RtlLookupElementGenericTableAvl
RtlNewSecurityObjectWithMultipleInheritance
RtlSetAllBits

user32

ReleaseDC
RemovePropW

advapi32

CommandLineFromMsiDescriptor
LsaDeleteTrustedDomain

gdi32

InvertRgn
GetPolyFillMode
GetNearestColor
GetMetaRgn
GetFontData
GetDeviceCaps
GetDCBrushColor
CreateRoundRectRgn
OffsetClipRgn
SetTextColor
SetTextCharacterExtra
SetRectRgn
SetMetaRgn
SetMapMode
SetDCPenColor
SetArcDirection
CancelDC
OffsetRgn
AddFontResourceW
BeginPath
BitBlt
CreateEllipticRgn
PathToRegion

oleaut32

SetVarConversionLocaleSetting

msi

MsiRecordGetFieldCount

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE