23e323ac862558bde76c586d8a0733ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23e323ac862558bde76c586d8a0733ea_JaffaCakes118
Size

183KB
MD5

23e323ac862558bde76c586d8a0733ea
SHA1

7267941eaceb6b09b32673390a8a364a8e4d223d
SHA256

eb90454bfa988ec50536405e568f1d766d2c9c991f04e81f32183199b46ccfdc
SHA512

19dd425eba40d2aff3cd30501c55de89b777ca8a8e844aa5de36078856e993e3ccdd11151dea7bcc4a4daa436f56d9f75b79ccfb5b6e43ceb70bcbeced6e2493
SSDEEP

3072:sGuHyJmF1grdXt2FZEersjh7s/qdGRvJVfMNksQjnb8EUkPQDD4kmaGNXSNq:uHCmoXt2bEersN7mvJtOmbUrD4f/NXSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23e323ac862558bde76c586d8a0733ea_JaffaCakes118

Files

23e323ac862558bde76c586d8a0733ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0896d324c9d522878880dc804cd50560

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
SetConsoleOutputCP
GetCPInfo
FoldStringA
EnumResourceTypesW
ExpandEnvironmentStringsA
InitAtomTable
FlushViewOfFile
GetLargestConsoleWindowSize
Module32NextW
lstrcatA
Heap32ListNext
FatalAppExitA
FoldStringA
MapViewOfFile

user32

HiliteMenuItem
GetScrollRange
LookupIconIdFromDirectoryEx
SetCaretBlinkTime
SystemParametersInfoW
EnumDisplayMonitors
EnumPropsA
GetDlgItemInt
SetCursorContents
MessageBoxExA
GetDCEx
GetMenuStringW
SetMenuContextHelpId
ScrollWindow
SetCaretPos

shell32

ShellExecuteExW
RegenerateUserEnvironment
FreeIconList

Sections

CODE
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 169KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ