41819d35f527fb922ea4eec78c3d442f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41819d35f527fb922ea4eec78c3d442f_JaffaCakes118
Size

151KB
MD5

41819d35f527fb922ea4eec78c3d442f
SHA1

dced454c089797632faaefa641955765e6a8fa7b
SHA256

16e2c5fd77d2910bf92fb4192d7d9e0e9f3e4383b1e37d41f843775ce45dec0f
SHA512

83057180460e971e49c8a69ce0af95e64fb2267232d1d9c65a3364c8d1b080a03d2c3f5693c06b50959652d5e77c5ba67e1ef2bc503d0aea85a7617830c9bb0a
SSDEEP

3072:NkylADOkKnWGWbtxNUN5y05o+2qHeH/VJAOz5rm:NkpDsqrWN5yUo+2sefVKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41819d35f527fb922ea4eec78c3d442f_JaffaCakes118

Files

41819d35f527fb922ea4eec78c3d442f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e37f15f13465974954da5a5f4e289aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconW
SHGetDiskFreeSpaceA
Shell_NotifyIconA
DragQueryFileA
SHGetDesktopFolder

kernel32

LoadLibraryA
lstrcpynA
VirtualAllocEx
GlobalDeleteAtom
VirtualAlloc
VirtualFree
GetFullPathNameA
ReadFile
GetStringTypeA
GetLocalTime
GetModuleHandleA
ResetEvent
GetCPInfo
GetFileType
GetCommandLineW
CompareStringA
ExitProcess
GlobalFindAtomA
CreateThread
GetLastError
CloseHandle
GetOEMCP

user32

IsWindowEnabled
GetFocus
GetMenuItemCount
GetMenu
IsWindowVisible
IsWindowUnicode
GetWindowDC

comdlg32

GetSaveFileNameA
GetFileTitleA
FindTextA

Exports

Exports

2WYYDQsrH2@12

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ