wh@##weh.Pdb
Static task: static1
Behavioral task: behavioral1
Sample: 568d17d6da77a46e35c8094a7c414375_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 568d17d6da77a46e35c8094a7c414375_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 568d17d6da77a46e35c8094a7c414375_JaffaCakes118
Size: 1.2MB
MD5: 568d17d6da77a46e35c8094a7c414375
SHA1: 500fa749471dad4ae40da6aa33fd6b2a53bcf200
SHA256: 0da56126ffb57acb5bb1a3ffa1c4c0c2605d257988b2d2964344b8f23173f615
SHA512: 7beb044f8bd366350b267c0fedc8466d2c5fd80b0f791f5697ce4577edced36b668401fd48df90b6c4ced05247d990c5e739e7232a2dcfc059dcc0c6a79d9427
SSDEEP: 12288:D+FwW6Se3oB/8WjH2fIGOVoDJLvfOqsUFY:D+qJSgZwEIGOVUJLnOqs+Y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 568d17d6da77a46e35c8094a7c414375_JaffaCakes118
Files
568d17d6da77a46e35c8094a7c414375_JaffaCakes118.exe windows:5 windows x86 arch:x86
f0a5716e00f06c2ac94766e26777ea6e
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll: wcstol
gdi32: DeleteObject, AngleArc, GetTextFaceA, GetWindowExtEx
opengl32: glEvalMesh1
shlwapi: StrTrimA
mscms: UninstallColorProfileW
kernel32: GetNLSVersion, InitializeSListHead, SetConsoleCursorInfo, GetSystemRegistryQuota, GetModuleHandleA
oleaut32: SysStringLen
user32: UserHandleGrantAccess, CreateCaret, CallWindowProcA, GetSubMenu, GetCaretBlinkTime
Sections
.text Size: 48KB - Virtual size: 44KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 31KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.CRT Size: 4KB - Virtual size: 814B
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.pdata Size: 744KB - Virtual size: 742KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 360KB - Virtual size: 356KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ