8c5cbc68d97a0ccd0ab68c189b0fd87d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c5cbc68d97a0ccd0ab68c189b0fd87d_JaffaCakes118
Size

164KB
MD5

8c5cbc68d97a0ccd0ab68c189b0fd87d
SHA1

d81d51b38f9608ebbb8f2bc209dfec51d590f4d2
SHA256

a4e0ac7aa6a167ad706e7461c421390193d9d1dc0189639a624471eb60f44d78
SHA512

ea0db3e8e88abf7a528db0ce1d4af5de1f83359e5f5031a95a56ae32656383e121dc343044d1f9cdfd41d91f05a4166c2d37ec38f55b1d25b28178ce52dfed00
SSDEEP

3072:SIKV5GDtFBNfH6gidCX5FeBexnhb8cqJSDRa7FzJ1AQo0/rW/No31+5:8DM5NfDXKeD8c2tFzJ1Az/qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c5cbc68d97a0ccd0ab68c189b0fd87d_JaffaCakes118

Files

8c5cbc68d97a0ccd0ab68c189b0fd87d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05d4d325caa13ae1375a932e8b2c339d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetCommandLineA
LoadLibraryExA
ExitProcess
LoadLibraryA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconA
SHFileOperationA

user32

GetPropA
GetMenu
LoadCursorA
GetScrollPos
KillTimer
CreateMenu
GetScrollInfo

oleaut32

SysStringLen
VariantChangeType
SysFreeString
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen

Exports

Exports

2SdRPUvEs@16
_9OJOl
M3tEiSUauSg@24
_OUpi3
rqAFdKB1f
c1ClLfgcVLu9R
SOkRWsu0Ek

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ