a89ebf382143cc21074bbfb7e77cd837_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a89ebf382143cc21074bbfb7e77cd837_JaffaCakes118
Size

273KB
MD5

a89ebf382143cc21074bbfb7e77cd837
SHA1

eb49b23954bf70bb2e206bceb312056ef345ff6a
SHA256

345dfa605094f602369ab5efe425e746483501da7f742aad754749c6ad082e74
SHA512

d46e1903a58f1d5216ba2473d44e2b4e4e2cf9b1fd76fcca542f8257fa564b90da367db49ad6bcf3a55b2f17696af3850506a899ed0e625d21c0281849e5340a
SSDEEP

6144:9AcdVC3wCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d4bMtH/5y+DwIizIgGPsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a89ebf382143cc21074bbfb7e77cd837_JaffaCakes118

Files

a89ebf382143cc21074bbfb7e77cd837_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d98862dea16e4bb2b815c32d705b6369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
IsWindow
GetTopWindow
FrameRect
GetActiveWindow

oleaut32

SysReAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
RegisterTypeLib

kernel32

LocalAlloc
LoadLibraryA
GetACP
ExitProcess
VirtualAlloc
FreeResource
FreeLibrary
FindResourceA
FormatMessageA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation

Exports

Exports

_R7G6XY
LO4pBfdp9Q1di@24
_7oSQ7R5iglB7n@20
w83WN@4
SeVr4Nc4P3Mc7@16
Qif5bv1sCAZC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 689B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ