a30553f406f9a09154c24da1fbc3cd42_JaffaCakes118 | Triage

Sharing

General

Target

a30553f406f9a09154c24da1fbc3cd42_JaffaCakes118
Size

164KB
MD5

a30553f406f9a09154c24da1fbc3cd42
SHA1

9a4c5f0a5e006896fe6b0f7b7d1cba824a6b4458
SHA256

afa579a303bd089ae6e9fe330cec909f15d7ba3fbf30ed35ae0b357a12b4f0ca
SHA512

e6f6383dd6ce8e006687ed666d978f25af2d7c74f8a02900ac586e915396b6578d64ea6844f4733509f885063b7cbd0b639109e99e0c5b7c59bbcf200247e936
SSDEEP

3072:SIKV5GDtFBNfHhgidCX5FeBexnhb8cqJSDRa7FzJ1AQo0/rW/No31+5:8DM5NfmXKeD8c2tFzJ1Az/qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a30553f406f9a09154c24da1fbc3cd42_JaffaCakes118

Files

a30553f406f9a09154c24da1fbc3cd42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05d4d325caa13ae1375a932e8b2c339d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetCommandLineA
LoadLibraryExA
ExitProcess
LoadLibraryA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconA
SHFileOperationA

user32

GetPropA
GetMenu
LoadCursorA
GetScrollPos
KillTimer
CreateMenu
GetScrollInfo

oleaut32

SysStringLen
VariantChangeType
SysFreeString
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen

Exports

Exports

2SdRPUvEs@16
_9OJOl
M3tEiSUauSg@24
_OUpi3
rqAFdKB1f
c1ClLfgcVLu9R
SOkRWsu0Ek

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ