f046413ff8a098973cdf1e28b3563e03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f046413ff8a098973cdf1e28b3563e03_JaffaCakes118
Size

41KB
MD5

f046413ff8a098973cdf1e28b3563e03
SHA1

202b91623922550a9eb2afc831636358b8b36e95
SHA256

5a29f7e955ff36ed9e4616722b2215de60b90595c51a4db59757c566341a030a
SHA512

ed4fb0b63c4a600b8f76d0239e564d3275e3a5415e3596507b832dcfbf5f9e9073e5a7a75cbe71bca44523883dec6b7a3ca4aa8a80d0da566204c7c7929f34e2
SSDEEP

768:3gDg7Jt23xzuyjkGkQZRNGrofrSGLKbQhGTj0f8JumhuRJu/dJ6VmOs7e3:3GgStBjk6uGLKUBEJumhuRJu/OVmOs7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f046413ff8a098973cdf1e28b3563e03_JaffaCakes118

Files

f046413ff8a098973cdf1e28b3563e03_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8afd437c11756e0cfe3c82d50c12232d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetState

advapi32

BackupEventLogW
ClearEventLogW

user32

CheckMenuItem
CreateWindowExA
DestroyWindow
GetMessageA

Sections

.icode
Size: 33KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ