398874206dc89f3f2aa98f7a9012d15d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

398874206dc89f3f2aa98f7a9012d15d_JaffaCakes118
Size

173KB
MD5

398874206dc89f3f2aa98f7a9012d15d
SHA1

4b590c77f43624f56ad483d8d91e58a2d7d36743
SHA256

0e15e0de6183163eafde7f97cd234a781b5d6f50f11b26ff0817f5d91cad0409
SHA512

ce6685778145ad08964bbba52b3f22aff7ca2e256456c42d3e5377bf6b54ea831b055814a0cee70e44731d2a18793d92f09a367f5a732df094f16f635c36e117
SSDEEP

3072:k1ZFj37KOhV2e1bJ0tfw3kuZPU5WUnfkx1sCmURYz8XGz5Pe8EY3zqeSuV8Uf:k1/D7lh4e19qY0ZM8Cc/z528R32eH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
398874206dc89f3f2aa98f7a9012d15d_JaffaCakes118

Files

398874206dc89f3f2aa98f7a9012d15d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94c04fc6d684f293bc8f418fb8e193aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel

kernel32

lstrcmpiW
GetModuleHandleW

shlwapi

ord29
PathCompactPathExW

Exports

Exports

?BingoGetOut@!PEH_KK:X

Sections

.text
Size: 25KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.irda
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ