1951c8bca24ae6ec019f951a3ce124db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1951c8bca24ae6ec019f951a3ce124db_JaffaCakes118
Size

34KB
MD5

1951c8bca24ae6ec019f951a3ce124db
SHA1

28457a67a16071086cd749cc66b985c7f73d0189
SHA256

7ff5a27caaf4c2d9df7b54787a08fbec0fe8869a006e4c59fe3e848a11fbe6e9
SHA512

30e24f66f49bac042b6eb3887dd955804367613d8351dfd7f1efd384befd68f72a91dff6a2f00925122999eb61d969a34d0181b876c6b2c0aa21c1eb90c6dcbd
SSDEEP

768:Gd7gVyFe4dfwhWkEHcWqwAVTkhADGIvRUIGC/b:402BwhWHZqws/GIJUg/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1951c8bca24ae6ec019f951a3ce124db_JaffaCakes118

Files

1951c8bca24ae6ec019f951a3ce124db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70458b1ba7c5e55b4d0fc0795866165b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
GetDlgItemTextW
GetKeyboardLayout
SetWindowLongW
TranslateMessage

kernel32

ExitProcess
GetFileAttributesW
GetProcAddress
LoadLibraryA
VirtualProtect

shell32

DragAcceptFiles
PrintersGetCommand_RunDLLA
PrintersGetCommand_RunDLLW
SHEmptyRecycleBinA

Sections

.itext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 19KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE