d1270358e925aaf3405b4b8f400dcc62_JaffaCakes118 | Triage

Sharing

General

Target

d1270358e925aaf3405b4b8f400dcc62_JaffaCakes118
Size

78KB
MD5

d1270358e925aaf3405b4b8f400dcc62
SHA1

140b2175459fa097cdf7dda48c38f45177da94f5
SHA256

b5f08db7056702be8add9423eb81d7432c74517e64ac3aba64eed2697e195ef1
SHA512

ab457b7929309f2e795df52a0bbcbd7a79a9bb3f417c819906a99be708e989339d9f50b678874e8bd4398bc937c2ec81f4976a60a3cb43ad319812e34b9d9996
SSDEEP

1536:LpreQ6dV5pOo5QnoLkHzQiREXmcW5G3wHawJwrJx+JElqJbP:96Q6z5pMogHzQimX48Lw6rH+S8bP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1270358e925aaf3405b4b8f400dcc62_JaffaCakes118

Files

d1270358e925aaf3405b4b8f400dcc62_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a462310d8dc17dcc7ee053877ca4f02e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\InfoText.pdb

Imports

advapi32

IsValidSid
GetUserNameW

kernel32

GetWindowsDirectoryW

Exports

Exports

GeometryOutput
GeometryInput
?DunnoCapatice@@YGPAXUtagSIZE@@@Z
?ForceCountSys@@YGPAXUtagSIZE@@@Z
?LabelRegit@@YGPAXUtagSIZE@@@Z
?LocalTimerOn@@YGPAXUtagSIZE@@@Z
?SemiForte1@@YGPAXUtagSIZE@@@Z
?SemiForte2@@YGPAXUtagSIZE@@@Z
?SemiForte3@@YGPAXUtagSIZE@@@Z
?SemiForte4@@YGPAXUtagSIZE@@@Z
?SemiForte5@@YGPAXUtagSIZE@@@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ