4c82ba77ddba323c28e186373edff984_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c82ba77ddba323c28e186373edff984_JaffaCakes118
Size

24KB
MD5

4c82ba77ddba323c28e186373edff984
SHA1

1e3baf4a30045570d32936243b8be046a019d43d
SHA256

4d9ce357d646eb4b2bcf97c4a642c4d46ab0212f43238c5582720723863d793c
SHA512

0deb19834d5e11b0be8a2e8e56dd9ca87ffbc97b7b2101bcad0bafa9cb041ec9dc4a01eab90e92ee917ad6ca5d596efe61645a3fc4df3d2d312e579611a69dae
SSDEEP

384:Mi978zOHwbX3648yZrQViihV3sX9Y0HcPVLepBbK4vHtcyAPLKV:b9QtXq4dZrohV3O9Y0AGBbK4vHdAPm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c82ba77ddba323c28e186373edff984_JaffaCakes118

Files

4c82ba77ddba323c28e186373edff984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

581f14067269d32de70cb655127d39f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinW
ExtractIconW
CheckEscapesW
SHLoadInProc
SHFileOperationW
StrRStrW
SheFullPathW

user32

CreateDialogParamW
DdeClientTransaction
DdeInitializeW
DdeUninitialize
GetClassLongW

kernel32

GetModuleHandleW
GetStringTypeW
GetThreadLocale
IsBadCodePtr
IsBadReadPtr
LocalHandle

gdi32

Chord
DPtoLP
CreatePen
EnumICMProfilesW
ExcludeClipRect
BitBlt
Arc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE