7382155def64082579b2b9fd18a03240_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7382155def64082579b2b9fd18a03240_JaffaCakes118
Size

25KB
MD5

7382155def64082579b2b9fd18a03240
SHA1

4184197e1c8f5cc54cb3783146286f62949d1280
SHA256

95a4c6a9368714b06a665c407ecab0bdaeed14fb5f32ca1d0746c7142f3522fb
SHA512

76ec191b6b6a551e44d7022e4fe0ddab1954c674646a78ba57d3368080ac04028f8781fad536fe9e4d2b94f9cf08e18db4784f5685ac6af9e88cd00c4a8d39fd
SSDEEP

768:enHKmM0qauedFQFtxTXKXAx6ZQgZOgRTjc7DQO:eqmMyTcTXfxhgZzTjtO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7382155def64082579b2b9fd18a03240_JaffaCakes118

Files

7382155def64082579b2b9fd18a03240_JaffaCakes118
.exe windows:4 windows x86 arch:x86

691f1193f16065947032ace3a2329e55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

fabs

comctl32

InitCommonControls

user32

IsChild

gdi32

BitBlt

ole32

CoInitialize

shell32

ShellExecuteExA

shlwapi

PathQuoteSpacesA

Sections

.MPRESS1
Size: 20KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE