0f716bc7d990f22c075e82a5a71a7195_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f716bc7d990f22c075e82a5a71a7195_JaffaCakes118
Size

26KB
MD5

0f716bc7d990f22c075e82a5a71a7195
SHA1

6d54add691e584c4a3bb53167d323ba00f2ba334
SHA256

a909b91e7c1b42d27cddaacf92d57bfdabc981a075c4a319c9f4525ebbc53e98
SHA512

7b2daa7c13527d7a12beff69d8f894902a3cecf2dab10450fa40c67042d3a55f54883a5141148bfec9d2316b773ec84a4b79d8ea272c96c35de917603b511c21
SSDEEP

384:Kwxyw16Im67uowZNikFuis1avP6GdmQXbKzAjXmke3M256hd3PsovY7d/4:KY1iSuVTiksis1YTnjXmMCy/6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f716bc7d990f22c075e82a5a71a7195_JaffaCakes118

Files

0f716bc7d990f22c075e82a5a71a7195_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d0ac6754da8c9e1c3b4672f13cfa0b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteExW
StrChrA
Control_RunDLLW
SHEmptyRecycleBinA
SHFileOperation
SHFileOperation
SHGetDesktopFolder

gdi32

GdiStartDocEMF
GetDeviceCaps
FloodFill
PathToRegion
PtInRegion
RectInRegion
PolyPatBlt
GetTextColor
GetPixelFormat

user32

ChangeMenuW
CopyImage
CallMsgFilterW
CreateMenu

Sections

.text
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE