01b0638a3daf0b2ec3d19b18594c4014_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01b0638a3daf0b2ec3d19b18594c4014_JaffaCakes118
Size

28KB
MD5

01b0638a3daf0b2ec3d19b18594c4014
SHA1

3ff37fd8a1130aa8f5606155eed80bd13a9e9422
SHA256

e80eb39a991ac1d57eeefc03387d1dee0222260b541bb8540d35635873b298ab
SHA512

01c1ac394ac9ecdcba6345f50be544ba65ea31550e02d29549666b4bab4c33187f6569362667059688ed19074b6edc380828bd7634c964dfab96e37e95ae48bd
SSDEEP

768:2dm7H+D4XiBvAt8HRW2ySGXDYTo7L9924Ym:kmzK4XINRW/SGXDCo7B9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01b0638a3daf0b2ec3d19b18594c4014_JaffaCakes118

Files

01b0638a3daf0b2ec3d19b18594c4014_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18892466b756bec0476cab51c2aa3d21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Control_RunDLLW
SHGetDesktopFolder
RealShellExecuteExW
SHFileOperation
SHGetMalloc
StrChrIW
SHEmptyRecycleBinA

gdi32

GetDeviceCaps
PtInRegion
FloodFill
PathToRegion
GdiStartDocEMF
RectInRegion
PolyPatBlt
GetTextColor
GetPixelFormat

user32

MessageBoxExA
CreateMenu
FlashWindow
ChangeMenuW

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE