a4ba6282fb24926f126b34fdc6085af4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ba6282fb24926f126b34fdc6085af4_JaffaCakes118
Size

173KB
MD5

a4ba6282fb24926f126b34fdc6085af4
SHA1

b8d11a97cb7d162118290986073edda3cc8b6efd
SHA256

e34bccab07a5a186340491d373e2027278aa56f6b392e5824b4038a8e85d09df
SHA512

28130ef211386efcc63a7c2f86adb374441648a9a3a2697d22e76bae0ebff63ee2b9c5f6e38e2b866e96cefda7de6545286b933c243bf8de7aa54b0de9321544
SSDEEP

3072:9B1tYq+kgxVmCDUoUtprYtxJGEzwUpZYoXkCod2Yf1nJSENCf7VWU6vRnivbzqt:TYZxHEA9GE59kCod2K6ff50vRgEA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4ba6282fb24926f126b34fdc6085af4_JaffaCakes118

Files

a4ba6282fb24926f126b34fdc6085af4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3251a68625a184f04b098ff5661ba882

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

GlobalFindAtomW
GetProcessHeap
VirtualProtect
GetCurrentProcessId
GetCurrentProcess
LocalAlloc
InterlockedCompareExchange
GetModuleHandleW
InterlockedExchange
IsDebuggerPresent
QueryPerformanceCounter
GetLocaleInfoW
EnumResourceLanguagesA
GetCurrentThreadId
TerminateProcess
GetPrivateProfileSectionW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FoldStringW
GetSystemTimeAsFileTime
GetStartupInfoA
GetTickCount
DeleteFileW

shlwapi

GetAcceptLanguagesA
PathCreateFromUrlW
PathAppendW
UrlUnescapeW
PathFindExtensionW
StrCmpIW
PathRemoveFileSpecW
PathIsRelativeW
UrlCreateFromPathW
PathCombineW

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 91KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ