452b827d1cba533ec215ea2ba81c7155_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

452b827d1cba533ec215ea2ba81c7155_JaffaCakes118
Size

126KB
MD5

452b827d1cba533ec215ea2ba81c7155
SHA1

94525d880bd29d27f472740d49f67cb3737e7c71
SHA256

cf191b9901177ad722f26689c55905f66fd84467a4911f395af00acc8842522d
SHA512

b425ea15dc3d27e06f77f316c4125b7a5e8283112af3cf5d1be562c63b767cdc548197d7a344bc8f3277704009b5e29a41b7d80785c926eb219a938a19ba2f0f
SSDEEP

3072:JtB32w6a/o71CUoQwgiccdBWz6fM2xw1c1:fBGw68Q1oQbHcdBmoJw1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
452b827d1cba533ec215ea2ba81c7155_JaffaCakes118

Files

452b827d1cba533ec215ea2ba81c7155_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b2541a594b95ca7adf220993c2a0369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconW

user32

GetDCEx
GetCursor
GetDC
GetTopWindow
GetClipboardData
GetCursorPos

kernel32

InitializeCriticalSection
LoadLibraryA
LoadResource
GlobalFindAtomA
VirtualAlloc
HeapAlloc
ExitProcess
HeapFree

Exports

Exports

_NKWUAvAAMWJhm@16
dKMAy9nE_k@20
_QfOeKMtKir
Vil8Fh@20
_GAvjFU@16
_LKGfeNU8Xq9@16
_2x1BX

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 723B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text