17a2475394492d183dc1ea4f2dbace6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17a2475394492d183dc1ea4f2dbace6f_JaffaCakes118
Size

131KB
MD5

17a2475394492d183dc1ea4f2dbace6f
SHA1

dadeee163b1135226962505f8bb1e1d40cc862bb
SHA256

724c69ba12184837cfabd2687df4d008e1b189fc28442461aa603dd43b20fb35
SHA512

6c9d94bb2097e323252c77f7168f02079b72e4248f38170c4e4fe3ba5b2c6632474f2907c401615570c62636c2217fefafe79be0b066e636208e6224c8bf24ce
SSDEEP

3072:8LdW3L0FL3oGqw2Ur3apAXdP3z+WEEVTvdt:4eL0J3RqwPrKpAdPzBzpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a2475394492d183dc1ea4f2dbace6f_JaffaCakes118

Files

17a2475394492d183dc1ea4f2dbace6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f152758767ef88fd49ca40dd2a924bbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA
SHGetSpecialFolderLocation

kernel32

VirtualAllocEx
GetProcAddress
ExitProcess
GetCommandLineW
GetStdHandle
GetProcessHeap
LoadLibraryA

msvcrt

malloc
srand
wcschr
mbstowcs
wcstol
memmove
wcscspn

user32

wsprintfA
IsWindowEnabled
LoadIconA
GetSystemMetrics
LoadBitmapA
GetMenu
MoveWindow
GetCapture
CreateWindowExA

Exports

Exports

eK08Gp2_GvAB
_E8t5oPYKKT
_g9Xjemt1@24
_8p9odc@8
92TUMGztS@24
_cN17raASk1TF

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 845B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ