ffb4eae8147ee8b15c072750363d0fda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffb4eae8147ee8b15c072750363d0fda_JaffaCakes118
Size

127KB
MD5

ffb4eae8147ee8b15c072750363d0fda
SHA1

6138f84ca8ca12a0c35018b3955f17e4b440bb43
SHA256

0f62b50d3d3c51c4e2c0392de4ef0013c43b1b2f90745bc01870780ba0ef724f
SHA512

1eb7848a7b86328356eea3410b67c32eca8ccc18d4f75f1c2e3b7bbfc5c589e988d3d196d46415b69513fd8ad7f02df271dc242570009c396392937e7450a9c6
SSDEEP

3072:bXgry4mXbzTn8vFCuYuU10Rktau24YI3WA4zVnJi2:DSOLzL8NY8c5TYOMPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb4eae8147ee8b15c072750363d0fda_JaffaCakes118

Files

ffb4eae8147ee8b15c072750363d0fda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d60eda3089f24e85c4100aa01cfec132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBSection
GetTextColor

shell32

SHGetDiskFreeSpaceA
SHGetFolderPathA
Shell_NotifyIconA

kernel32

FreeResource
ExitProcess
lstrlenA
LoadLibraryA
GetACP
FreeLibrary
VirtualAllocEx
FormatMessageA

user32

GetSysColorBrush
GetKeyboardLayout
CreatePopupMenu
GetKeyboardLayoutNameA
GetKeyState
GetKeyboardLayoutList
GetMenu

Exports

Exports

_XqZZ1fC2hNZFH@16
_x6rmljz
_KPLu_BH
_YoYYZE
_kQSowUUPDaTxLt@24
_ree4bKJ@24

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ