4d3f7f671bbf94aa3c86d7f6a58cc9de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d3f7f671bbf94aa3c86d7f6a58cc9de_JaffaCakes118
Size

133KB
MD5

4d3f7f671bbf94aa3c86d7f6a58cc9de
SHA1

7305bca41bcd73525503f32a095ede3af8c6bd91
SHA256

29024f10f2e0df6c9a25a2c5bfbbf7f4ba9689dc3fc84c4041a9dfe3ed1af31f
SHA512

0e9a7806db1d96bf496da228d8109a992597409c165f2dc4538a2f28931df21b5acd133b76ad8e3651d44651b2c8dc96e1f64d6acbc34ecbac59e7fc80de3abc
SSDEEP

3072:Pcei3CamTayAG8pD3hymVumRiy6I1FWVLrNmAd:PcAlrz0D3hymVNiIKVsAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d3f7f671bbf94aa3c86d7f6a58cc9de_JaffaCakes118

Files

4d3f7f671bbf94aa3c86d7f6a58cc9de_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7cf48e270384a7b4a1ea79dd78056b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripPathW
PathMakePrettyW

user32

GetWindowDC

msvcrt

ldiv

advapi32

CryptDestroyKey

kernel32

GetTickCount

Exports

Exports

��ainPressA@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainPressW@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainWordA@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainWordW@344GPAUHINSTANCE__@@U_COMMPROP@@%Y

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ