33ec39b905a23329cf735ceb96b063c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33ec39b905a23329cf735ceb96b063c4_JaffaCakes118
Size

172KB
MD5

33ec39b905a23329cf735ceb96b063c4
SHA1

fcdec6c2027be3102f6008096e053b10ee8a65cc
SHA256

0a9735b0a7a3bbc166a2572d9740daedb081a0d412166ce7c4c47f7e3a9e5b8b
SHA512

21bd3b76e352a91e7130f08fe4399a1e168efe69a61244b8c73977518643bb20c3edc079e0e24c36059f459ae3eb536c9405f783ff7d389ac73e621d0b1bbba7
SSDEEP

3072:3NvJFe1kPRAAA5SzATaf9KdIMLp4E+7uSUcHh6bBWMU1gmVGsVrupDRbBF:3NvJK5OAAJMn+7uSUcB6cgm0s9u/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33ec39b905a23329cf735ceb96b063c4_JaffaCakes118

Files

33ec39b905a23329cf735ceb96b063c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e990d6ff4df80a826c1e1db2f0c39b52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesA
PathCreateFromUrlW
PathIsRelativeW
UrlUnescapeW
StrCmpIW
PathRemoveFileSpecW
UrlCreateFromPathW
PathAppendW
PathFindExtensionW
PathCombineW

kernel32

GetLocaleInfoW
GetCurrentProcess
GlobalFindAtomW
LocalAlloc
GetCurrentProcessId
InterlockedCompareExchange
TerminateProcess
GetStartupInfoA
VirtualProtect
IsDebuggerPresent
InterlockedExchange
EnumResourceLanguagesA
GetCurrentThreadId
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetPrivateProfileIntW
QueryPerformanceCounter
GetProcessHeap
GetModuleHandleW
GetSystemTimeAsFileTime
FoldStringW
DeleteFileW

rpcrt4

UuidCreate

Sections

.text
Size: 86KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ