Static task: static1
Behavioral task: behavioral1
Sample: 834057331f575da6adeb59b9ec536c26_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 834057331f575da6adeb59b9ec536c26_JaffaCakes118.exe
Resource: win10v2004-20240730-en
General
Target: 834057331f575da6adeb59b9ec536c26_JaffaCakes118
Size: 103KB
MD5: 834057331f575da6adeb59b9ec536c26
SHA1: c9baa13092a8381eceb7f707ee22e5f805cc5370
SHA256: b65ccad251b75355c50ed36061c08a479097619c329833b0ddb64f02740e0f4d
SHA512: dfdfc9a049154b36328f57eb1e885d72d2500ceb14122c363b1c4dc94aaf3e4bd945161b49cdefd1df6a7820944c18195711e43ac24813034ad9cb21c7e70e90
SSDEEP: 3072:4TQ9xu8iOCEZIkOVZbzADRPYus40zPh8WEe/V:4TQylGHOwNwuoz5L/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 834057331f575da6adeb59b9ec536c26_JaffaCakes118
Files
834057331f575da6adeb59b9ec536c26_JaffaCakes118.exe windows:4 windows x86 arch:x86
e1e0e640da567725d8c6cc76f96e065f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
EnterCriticalSection
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
OpenFile
RtlUnwind
SetLastError
user32
OemToCharBuffA
EnableMenuItem
DestroyIcon
CharUpperBuffA
EndPaint
shell32
SHGetPathFromIDListA
ShellExecuteExA
SHBindToParent
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
ShellExecuteA
setupapi
SetupGetInfFileListA
SetupFreeSourceListA
SetupFindNextMatchLineA
Sections
.text Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ