a5bf7132c36e12362be61bcdb9b6701d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5bf7132c36e12362be61bcdb9b6701d_JaffaCakes118
Size

98KB
MD5

a5bf7132c36e12362be61bcdb9b6701d
SHA1

a1fb6f7a866695ffb1134a0b57981a16e77d968b
SHA256

8ccf8284a604e7c6b0bcf8bcbc3ae6dbab8cd8a77d0798494562587d3c5fc39b
SHA512

ddf098db8691bb8a071db0aa56c09f028294392b8e8f7feb0633d7b29e1cf02cb8ed2f2f18bd251b1405efd9025c10aea5e8b2a19964ac8aef89d823ba0a3add
SSDEEP

1536:pdwL+rBVoqTLKRqHlMIlc+JSYbYuzkGffTwtG4ESoF5w9H4aQUGFNZAesNoiW4m3:3kH5qrfFQGsMbp7w9HbQuNoi3a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5bf7132c36e12362be61bcdb9b6701d_JaffaCakes118

Files

a5bf7132c36e12362be61bcdb9b6701d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5f9d10594a27362b462ff005e74b817

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
DragQueryFileA

kernel32

GetModuleHandleA
ExitProcess
GetEnvironmentStrings
GlobalAlloc
CreateFileA
GetFileAttributesA
DeleteCriticalSection
GetDiskFreeSpaceA
CreateEventA
VirtualAlloc
ReadFile
GetFullPathNameA
MulDiv
RaiseException
LockResource
CreateThread
LoadLibraryExA
MoveFileA
WriteFile
GetVersionExA
lstrlenA
GetUserDefaultLCID
LoadLibraryA

user32

GetActiveWindow
IsRectEmpty
IsWindow
GetMenu
IsIconic
IsCharLowerA
LoadIconA
IsWindowEnabled
IsDialogMessageA

shlwapi

PathFileExistsA
SHStrDupA
SHDeleteValueA
SHGetValueA

Exports

Exports

EeZEBf6T@12

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ