JaffaCakes118_6770ac0b31afd905cc78b52d7466a110 | Triage

Sharing

General

Target

JaffaCakes118_6770ac0b31afd905cc78b52d7466a110
Size

83KB
MD5

6770ac0b31afd905cc78b52d7466a110
SHA1

7bac7cb4403b4fb9b8796ed347f0443421741c35
SHA256

70f395c657f1009403bef6503fc76ccda014a87b8dddd5618fed53abb1f8120a
SHA512

53377e62f8cb0439e52c333cd02c790749c7a30e5014c14ad51abeefb185c34f85750f280835c71acb3f1351d58610ec2c8c2b7e0c66d0875dc973c33b666e98
SSDEEP

1536:rEiaTFjC7xpTacIl3r5NdK1szyFYzY4yNsxLtJRrqfSg5mau:rjRINTdK12Y4yNsxRqDwau

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6770ac0b31afd905cc78b52d7466a110

Files

JaffaCakes118_6770ac0b31afd905cc78b52d7466a110
.exe windows:9 windows x86 arch:x86

5c03f847ba44deea030f658430048ee4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
CharUpperBuffA
GetWindow
SetLastErrorEx
DefDlgProcA
GetWindowRect
SetWindowLongA
GetParent
IsChild
CharLowerBuffA
TranslateMessage
DefWindowProcA
DispatchMessageA
EnableWindow
GetAncestor
GetMessageA
IsDialogMessageA

shlwapi

ord29

kernel32

GetTickCount
SetLastError
GetLastError

Exports

Exports

?geoInvert@@YGJUrevertPart@@K@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ