9476540f3dcf038d15fc33249a0e8899_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9476540f3dcf038d15fc33249a0e8899_JaffaCakes118
Size

138KB
MD5

9476540f3dcf038d15fc33249a0e8899
SHA1

b1413a183b78e7779ddc0075e9503556346eec91
SHA256

7e2cf76760be0daad486bb19beaad68c1adc110fc0d53060052d7f0453de7fec
SHA512

5a9c409bb060d84208ce70f7ce6221c260fa41915b0be02a4b0e8d7d64bc87d883f9c9ee8b234334f327632c4a9e63c2b1fd1622c361bb319f85f1a8e8ce3a98
SSDEEP

3072:eA0N+DQTXD8B8x48n4QU/Xf2DnB7GI1HVOlB7yy6DIQ9keX7ED1i:ON+M8B854jOjhf1UlzyY0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9476540f3dcf038d15fc33249a0e8899_JaffaCakes118

Files

9476540f3dcf038d15fc33249a0e8899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffdf137fa0c6ffbf9d5aa0e94094a867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteA
DragQueryFileW
DragQueryFileA
ExtractIconW

comctl32

ImageList_Duplicate
ImageList_Merge
MakeDragList
MenuHelp

ntdll

CsrNewThread
DbgUiRemoteBreakin
LdrAccessResource
LdrEnumResources
LdrGetDllHandleEx

kernel32

CloseHandle
CreateFileA
GetPriorityClass
WriteFile

Sections

.text
Size: 63KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE