730e843f24988822fad013e635639c12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

730e843f24988822fad013e635639c12_JaffaCakes118
Size

131KB
MD5

730e843f24988822fad013e635639c12
SHA1

be7dc7762217e4dda9ce7e65b515dd5407a04af4
SHA256

a5ae0e8821da89b3f106f714c7fbb9b41e04dff438aa97ec0afc6dc669c26c9d
SHA512

c3878a7af800e3d24279ff01df47dcedd8d423a36b961713e5eaff87b57c6be8616f0ada0db1cc45ad80d73c9124be81dbec48d4d78b3650edb8d7c13c6b9ad5
SSDEEP

3072:IpAcvnLr5U4zmzY/e2GJ1At6Fd3Li56vKlWf8zvjINar+9jGXty4NJgU:WNU4zm0/eD1r3qlW2I8y92tf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
730e843f24988822fad013e635639c12_JaffaCakes118

Files

730e843f24988822fad013e635639c12_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d134f79ce50692b3a621ecc54d13ca0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripPathW
PathMakePrettyW

msvcrt

ldiv

kernel32

GetTickCount

advapi32

CryptDestroyKey

user32

GetWindowDC

Exports

Exports

��ainPressA@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainPressW@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainWordA@344GPAUHINSTANCE__@@U_COMMPROP@@%Y
?GainWordW@344GPAUHINSTANCE__@@U_COMMPROP@@%Y

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ