78ad8398767c2093a44d71110c961940_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78ad8398767c2093a44d71110c961940_JaffaCakes118
Size

105KB
MD5

78ad8398767c2093a44d71110c961940
SHA1

d61dda0bdaecfde8c0b8f99bdd93dc40c43f90e4
SHA256

7475aaa63f86ad62b48ec7bec28f1d0cda6e22508ec516f0102821f229511409
SHA512

ac8b744d174c03011913a7f0de81b059653553a3c6395eb235645f5e00756600f731c76ae20510e4d5638d59f3e5af0231f9ad71520d1178be897cb4e7910324
SSDEEP

1536:rdu8fB2U+YkIHADkwtjvv1TS2kq2jOMYC5Mzf4qJhbtjY1vnhUxdoOjWDbF4mC:rQ8p4Y5mlvsNq2XZSK1vhanjo+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78ad8398767c2093a44d71110c961940_JaffaCakes118

Files

78ad8398767c2093a44d71110c961940_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0b6a42b6b54d825f94f506fbbcc5618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA
SHFileOperationA
SHGetFileInfoA
Shell_NotifyIconA

gdi32

LineTo
GetBkColor

kernel32

ExitProcess
LoadLibraryA
VirtualAlloc
VirtualAllocEx
GlobalDeleteAtom
GlobalAddAtomA
GlobalAlloc

user32

GetMenu
GetMessagePos
GetMenuStringA
GetWindow

Exports

Exports

33tHo6oQ
_N6pr59Y

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hidata
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ