75da3d467da089600ffb479d966cce67_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75da3d467da089600ffb479d966cce67_JaffaCakes118
Size

28KB
MD5

75da3d467da089600ffb479d966cce67
SHA1

78cf5a52b9341d4e119bbdaf3a5f918c5af06120
SHA256

0397b4dfc2620c11e896340b3c33a03e3b2d6888ae0e734bedaa7d22485d7ef0
SHA512

cf27da04da9ba95cba1b04240d6af77e228f8f673fa2c102370865d971108d30199c325b8b0c17b873c4c0ce2d68efc9cbc7f0272839f8d6968237472d4b91fe
SSDEEP

768:/iL5jeeDLVwMfVebVC6ze0S8xeU5exHD7DuO:/iNje27fYbVC6i0rf5exHCO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75da3d467da089600ffb479d966cce67_JaffaCakes118

Files

75da3d467da089600ffb479d966cce67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51d5f507286fe9a2db75f423fbc06a61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

fabs

comctl32

InitCommonControls

user32

IsChild

gdi32

BitBlt

ole32

CoInitialize

shell32

ShellExecuteExA

winmm

timeEndPeriod

shlwapi

PathQuoteSpacesA

Sections

.MPRESS1
Size: 20KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE