0d7333269c8ae897aa72f08914fd2302_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d7333269c8ae897aa72f08914fd2302_JaffaCakes118
Size

164KB
MD5

0d7333269c8ae897aa72f08914fd2302
SHA1

4edb5b5059db5504282fc9f1f76dec446d42259e
SHA256

546099672e4434c6a574af9e44dd4434ca513ad26e9ed8957314ba3e98eb09a5
SHA512

be6473492cc7643ee4a4ed9f7b695470bc540ce74429e192e1b4827d7cc74835097730a726318180c2c273fdbac8f0af34cfc933d5f59a6b515183eeb54b81ae
SSDEEP

3072:SIKV5GDtFBNfHlgidCX5FeBexnhb8cqJSDRa7FzJ1AQo0/rW/No31+5:8DM5NfaXKeD8c2tFzJ1Az/qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d7333269c8ae897aa72f08914fd2302_JaffaCakes118

Files

0d7333269c8ae897aa72f08914fd2302_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05d4d325caa13ae1375a932e8b2c339d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetCommandLineA
LoadLibraryExA
ExitProcess
LoadLibraryA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconA
SHFileOperationA

user32

GetPropA
GetMenu
LoadCursorA
GetScrollPos
KillTimer
CreateMenu
GetScrollInfo

oleaut32

SysStringLen
VariantChangeType
SysFreeString
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen

Exports

Exports

2SdRPUvEs@16
_9OJOl
M3tEiSUauSg@24
_OUpi3
rqAFdKB1f
c1ClLfgcVLu9R
SOkRWsu0Ek

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ