94867f05e1f7827010fe4de822e4e944_JaffaCakes118 | Triage

Sharing

General

Target

94867f05e1f7827010fe4de822e4e944_JaffaCakes118
Size

118KB
MD5

94867f05e1f7827010fe4de822e4e944
SHA1

1a86dcc7a7999fde6e45bef3a785540bd65111b8
SHA256

aea018bbab06cc4e94f860decf004c7e52757a2b4fbef478ab8c0db2a943545d
SHA512

28765a71c671c267cfd2c51c311f6f6c77bd4b7e78233f26f7d9a508cc4e82cacf13475a879571396a4266b1ed14ee307ae44841a13645f6b94e316644ba2571
SSDEEP

3072:FqWo/SRgmZscHc5ySb9KgAOgI54Kb12zhPzT4CVoNfdUo:FBoao/xgxKbCzTqr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94867f05e1f7827010fe4de822e4e944_JaffaCakes118

Files

94867f05e1f7827010fe4de822e4e944_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35a4942e0773bf7ba132e0584d0e06a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA

shell32

SHLoadInProc
ExtractIconA
ILGetNext
FindExeDlgProc
PathIsSlowA
PathResolve
SHAlloc

user32

CharToOemW
CreateIconIndirect
FindWindowW
GetClassWord
DestroyCursor
GetMenuState
GetUpdateRgn

Sections

.text
Size: 68KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE