ad0dea29ced119dba1380139c7cecf77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad0dea29ced119dba1380139c7cecf77_JaffaCakes118
Size

158KB
MD5

ad0dea29ced119dba1380139c7cecf77
SHA1

14d10e768507d066c106af97990267bd072c9193
SHA256

294b545f0f666c56c40a360557c58da4b72a575d1c784ca3925372446dd7810a
SHA512

c60b9e9c53e2ad4dc9b2c6ac8b6cbaca8f777effca332b8b2fd15cb4436ec16aff5f878122acbb191814e3fd680b8e366889b2e19dec83bd739d4c0f99cf7189
SSDEEP

3072:qNzdlCLF2/Xgn9+sG0oH1iX2r71p1A8ultbxGEUXWVVp0mfBZA/8:+3CLF2/XgnIsIhd4GpXWhj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad0dea29ced119dba1380139c7cecf77_JaffaCakes118

Files

ad0dea29ced119dba1380139c7cecf77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c0b72f818984d057f0eba91933bfe01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
SHGetFileInfoA
SHGetFolderPathA
SHFileOperationA
Shell_NotifyIconA

user32

GetMenu
IsWindowUnicode
DrawIconEx
LoadCursorA
DrawEdge
DrawFrameControl

gdi32

GetTextAlign

kernel32

FindResourceA
ExitProcess
LoadLibraryA
lstrlenA
VirtualAlloc
FormatMessageA
FindFirstFileA
GetCommandLineA
FreeLibrary

Exports

Exports

VGU2Q3lM
kN3TeGp8
p1bFodyeP
_j6u3tISZ81O
JA7t03y9
_wTzFtA@16
sLr_QLpur6gC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ