a13f641d967a5be16ec7d31cc2dc4286_JaffaCakes118 | Triage

Sharing

General

Target

a13f641d967a5be16ec7d31cc2dc4286_JaffaCakes118
Size

27KB
MD5

a13f641d967a5be16ec7d31cc2dc4286
SHA1

f29f4d7cc484c6bb5d2a006b498280be15ae4602
SHA256

576635dfaf0724aa60e06a4df9156628b01dee0d06b2db6b99c1507fe136218d
SHA512

e7f6b7713b8b21a2a89db26ad0c4898c8761713da59208346ce13f4ab06ed71c1932c4834d44fe287d2d0444d407d15fcc30b81fa61657708a6edc69ab972d87
SSDEEP

384:BKuFkwQXyxRMyb357kR4QILfqsCzRV7IEI/4kZ0Tffgy1BIEuaYPlTytUFjYz:BwwQXWb3Gy7f+VEEI/AqEuPlHFjYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a13f641d967a5be16ec7d31cc2dc4286_JaffaCakes118

Files

a13f641d967a5be16ec7d31cc2dc4286_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0d8e0fbbbe35dd18135bf8a766ca6b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

FreeMRUList
DllGetVersion
ImageList_DrawEx
ImageList_GetFlags
ImageList_LoadImageW

kernel32

ExitProcess
CreateThread
ExitThread
CreateFileA
CloseHandle

msvcrt

_clearfp
_cgetws
_execlp
_fileinfo
_ftime64

shell32

FindExecutableW
Options_RunDLLW
SHCreateDirectoryExW
SHGetFileInfoW
SHGetInstanceExplorer
SheChangeDirExW

Sections

.text
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE