93cadfc7156e4dcf1f8b86a9b9b2892e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93cadfc7156e4dcf1f8b86a9b9b2892e_JaffaCakes118
Size

114KB
MD5

93cadfc7156e4dcf1f8b86a9b9b2892e
SHA1

0e010bb696cb7d989ef5742496e3cb6054fec5d6
SHA256

e13843cd2280a49940cf101709d76490b0f4df15f84e137593ee0350744c5a23
SHA512

d16e2cccf5168938e99d58c6b27ae9efae5e6de2f1e304cda45075db2f03ad1fd7abf8bfbf4a2142a17c1ba76c0a450df52e5046a2c5f3e37907042e086455b2
SSDEEP

1536:0zZ+GSSvEdHLG9CuH/LFeJReqii1Fg+9X2IxYyoTos5njh3XBJeTmlyATYbHicV+:EwhS856PReCJi16I6ptXwbHicV8FMe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93cadfc7156e4dcf1f8b86a9b9b2892e_JaffaCakes118

Files

93cadfc7156e4dcf1f8b86a9b9b2892e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

751891dfbab109db8b337da3713e9c41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
CloseHandle
VirtualAlloc
LoadLibraryA
ExitThread
Sleep
ExitProcess

shell32

SHGetSpecialFolderLocation
SHFileOperationA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA

user32

GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardState
GetDesktopWindow

Exports

Exports

bKQom1@20
w7qMJE2NG@20
fC4fKqROU8iVjj
_DZl2dsZIs
qIADq@12
ILpIQ@16
_59IItyw4ngz
nKvt8Y8jQOM@8

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text