6107050e38857f7b4693d651b9925425_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6107050e38857f7b4693d651b9925425_JaffaCakes118
Size

172KB
MD5

6107050e38857f7b4693d651b9925425
SHA1

d950e0b55009bbbc83dfda29f1fd51f1b61c6a23
SHA256

9c7446d8ff3b9042d88153fe4ce454cfc9c879133ca287a12876ab6c36d0f999
SHA512

895cff345abd3741aaa7fd300b8d6935d2110bfd0d9ea6bfbb0242018d2e36567adad651cbafc6cc5a98eacd1fee4da1ad837fe6ceb7ed3e0589bb13771a0f86
SSDEEP

3072:ZJ+EwOPiBb2dA9tYzylo4rc3ldK6NlxzZZvKox6SMWHYO7kQ:ZoENqb2S9tOo9Q1dK8xzZlPwN7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6107050e38857f7b4693d651b9925425_JaffaCakes118

Files

6107050e38857f7b4693d651b9925425_JaffaCakes118
.exe windows:4 windows x86 arch:x86

333cef2efac04abcb0b5da5a8ff49413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
IsDlgButtonChecked
OemToCharA
MessageBeep
MapWindowPoints
GetDesktopWindow
GetMenu
CharLowerA
IsWindow
LoadIconA

kernel32

LoadLibraryA
GetUserDefaultLCID
GetTickCount
ExitProcess
GetThreadLocale
VirtualAlloc

shell32

SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetDesktopFolder

gdi32

GetTextColor
CreateBrushIndirect
CreateCompatibleBitmap

Exports

Exports

_DjFZoqBj1q@16
_oc9i17rzu
_c08htHg
4XcboX_4C
TzhfEANZee@12
AeLa_XxXDxlV
XIZHfK

Sections

CODE
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ