ffbdb41487a4edffd260c6b4bf2b4c8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffbdb41487a4edffd260c6b4bf2b4c8a_JaffaCakes118
Size

172KB
MD5

ffbdb41487a4edffd260c6b4bf2b4c8a
SHA1

b8c6b455bcb79217a3f32d73f2a17386ec48c03c
SHA256

85c023238dea7b1b57d15f6ba2da4eb902995f623f7d93148a8bc70df38a6742
SHA512

0e83b026612531988e3fc6fb7a6cb6b2952d00db673cff8560c17bde58f0612ed060d4bbc27d032bdb9986f9bc9ca5f3f2d349b5250c2d876967dc3555446a3d
SSDEEP

3072:ZJ+EwOPiBb2dA9TYzylo4rc3ldK6NlxzZZvKox6SMWHYO7kQ:ZoENqb2S9TOo9Q1dK8xzZlPwN7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffbdb41487a4edffd260c6b4bf2b4c8a_JaffaCakes118

Files

ffbdb41487a4edffd260c6b4bf2b4c8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

333cef2efac04abcb0b5da5a8ff49413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
IsDlgButtonChecked
OemToCharA
MessageBeep
MapWindowPoints
GetDesktopWindow
GetMenu
CharLowerA
IsWindow
LoadIconA

kernel32

LoadLibraryA
GetUserDefaultLCID
GetTickCount
ExitProcess
GetThreadLocale
VirtualAlloc

shell32

SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetDesktopFolder

gdi32

GetTextColor
CreateBrushIndirect
CreateCompatibleBitmap

Exports

Exports

_DjFZoqBj1q@16
_oc9i17rzu
_c08htHg
4XcboX_4C
TzhfEANZee@12
AeLa_XxXDxlV
XIZHfK

Sections

CODE
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ