3806eb2a114f339cbd7b5915c9f52a56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3806eb2a114f339cbd7b5915c9f52a56_JaffaCakes118
Size

167KB
MD5

3806eb2a114f339cbd7b5915c9f52a56
SHA1

18b49a2b392e11a09bc59755227cd864acb8c8ff
SHA256

93b20329a0c503dc1e413e04fb27cbf7df85762843968f605232dda39250ab12
SHA512

35a36e92db366dd37d9d7f3c9531d3a46e139e4f75450dc05f50ca637c3b3ef07bc25d54c04cac37990ee5ad8ed8cd390971b226aa3a6550074e33940b38bec3
SSDEEP

3072:vgA3t/HUChfMeeLGZw5f5SKZ1LxxdImrj021AZBQWucIWGu:vlP7eLf5f0+KNzZBQbcIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3806eb2a114f339cbd7b5915c9f52a56_JaffaCakes118

Files

3806eb2a114f339cbd7b5915c9f52a56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

031f77ae61da8574607f0984832d2087

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
ExitProcess
GetACP
FreeResource
LoadLibraryA
GetCPInfo
GetCommandLineA
GetLastError
VirtualAlloc
FormatMessageA

user32

IsWindowEnabled
GetMenuItemInfoA
GetMenu
GetTopWindow
GetMenuItemID
GetMenuState

gdi32

GetTextAlign
CreateFontIndirectA

shell32

SHGetDesktopFolder
DragQueryFileA
Shell_NotifyIconA

Exports

Exports

lYDnJjBj@16
_OhQ74Z2iB
1siliVQYhcWG
akire7@12
kw8j2s06
8OWuSn

Sections

21
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2
Size: 9KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

3
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

55
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ