62029e46cef196fed1b57c36efc8ea1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62029e46cef196fed1b57c36efc8ea1d_JaffaCakes118
Size

131KB
MD5

62029e46cef196fed1b57c36efc8ea1d
SHA1

e10bd4329a8c80a3b09f977519eb6cbe6f3d0db0
SHA256

6bf909394095195f297ffd2a3894170cff5dc5639c1152b3bc2f11e2501f03e4
SHA512

6e6510f21f50589475728a242b8933accb60b5d17e33dd09bd571941ee5e2e8d8e69b032103afd8812f9809df6640aa591e3d6dc427704bf4f74491f8ca24fb6
SSDEEP

3072:8XdW3L0FL3oGqw2Ur3apAXdP3z+WEEVTvdt:YeL0J3RqwPrKpAdPzBzpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62029e46cef196fed1b57c36efc8ea1d_JaffaCakes118

Files

62029e46cef196fed1b57c36efc8ea1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f152758767ef88fd49ca40dd2a924bbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA
SHGetSpecialFolderLocation

kernel32

VirtualAllocEx
GetProcAddress
ExitProcess
GetCommandLineW
GetStdHandle
GetProcessHeap
LoadLibraryA

msvcrt

malloc
srand
wcschr
mbstowcs
wcstol
memmove
wcscspn

user32

wsprintfA
IsWindowEnabled
LoadIconA
GetSystemMetrics
LoadBitmapA
GetMenu
MoveWindow
GetCapture
CreateWindowExA

Exports

Exports

eK08Gp2_GvAB
_E8t5oPYKKT
_g9Xjemt1@24
_8p9odc@8
92TUMGztS@24
_cN17raASk1TF

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 845B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ