214d897876ac910e2af9c13dfa17309c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

214d897876ac910e2af9c13dfa17309c_JaffaCakes118
Size

48KB
MD5

214d897876ac910e2af9c13dfa17309c
SHA1

fd0712b66f81343752461362b61f4f7e5a9bfa84
SHA256

8b1c8e256a6c78aca58e3c76c9f252a9408db704469133819802db08ae752c04
SHA512

e62e39afa1491030fb746c1588f7f44cf1cee87ef50e1d4027acb3a7048203d535eff736db1f1f4f727de4b0168d0c105e09a0afb988b13c9e98207c78a5931f
SSDEEP

768:Fl/2BGSdXPPGlQzPpbP6JpAOGgCTape33dV6nLL1CVnuRnXEFWvg0/P6Bckx0LMc:FliGSJKQlbyJpPMWkHX6nLLAEXEgYYOQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
214d897876ac910e2af9c13dfa17309c_JaffaCakes118

Files

214d897876ac910e2af9c13dfa17309c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ac63bb1403dd8dca9694fddb1dc834e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
wnsprintfA

user32

CharLowerBuffA
EndDialog
GetCursorPos
GetIconInfo
GetWindowTextA
OpenDesktopA
PeekMessageA
SetProcessWindowStation
SetThreadDesktop
ToUnicode

Sections

.forkp
Size: 38KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dyb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vorid
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ