6fe127c7b58bf80210f1713d34812766_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fe127c7b58bf80210f1713d34812766_JaffaCakes118
Size

40KB
MD5

6fe127c7b58bf80210f1713d34812766
SHA1

c3cf39c68aeda784787f04d10b0350a0a6c16ff2
SHA256

aff94d418dbca14766ca9eee79e760a14bcc91aa6861d25d8699946447a2499a
SHA512

7f96dfbc08afa1931f0c2adc357258d7e064d827a39f421efed24fc0918196e59433b0cc5744d576d5e3725f9ac772d2781fc1bd7420375b02e9372970da7f69
SSDEEP

768:qsPeq989up7pWd3HAZGi6u45CaE/3HWM9es52Q:l2qZXk3HD5C3HWMALQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fe127c7b58bf80210f1713d34812766_JaffaCakes118

Files

6fe127c7b58bf80210f1713d34812766_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16e6c9349bf03b1a7ebbcbca0629611a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect

user32

GetCursorPos
GetSubMenu
SetFocus
SetWindowPlacement

shell32

DllGetVersion
DragQueryPoint
ExtractIconEx
InternalExtractIconListW
SHGetNewLinkInfo

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rel
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 25KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE