aa6d9371e77d4c14d876928ba9a6810b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa6d9371e77d4c14d876928ba9a6810b_JaffaCakes118
Size

1.7MB
MD5

aa6d9371e77d4c14d876928ba9a6810b
SHA1

0fb3d46f9a695c5da0b7aff4a9b4e9fc557b3bef
SHA256

f6692808d7a5c4373bb7f82b3e5cd2710446be9a7aba40c3725d1558035de301
SHA512

4f0b639a280b67330cac33d18087730a532b4f7eecbc9647823d40f2edcf837ee88cc7ac8f848f3d19da20109de333f0bd4b744c80aedf7940e50d9285b40705
SSDEEP

49152:HkRoOKAEBTRpS39jnu21+UNECufoFvHOo67B0XBUZvnX:ERo9B/S3t17+CLvuoSeBm/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa6d9371e77d4c14d876928ba9a6810b_JaffaCakes118

Files

aa6d9371e77d4c14d876928ba9a6810b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d313b171f0b94ebe42de5d5b23e21715

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

SHSetValueA
SHGetValueA
PathGetCharTypeA

gdi32

GetDIBits
GetDCOrgEx
CreatePalette
GetBkMode

user32

GetActiveWindow
LoadCursorA
IsZoomed
GetSysColor
GetWindowLongA
GetScrollRange
GetScrollPos
CreateMenu
GetSysColorBrush

kernel32

GetACP
GetOEMCP
VirtualAlloc
VirtualAllocEx
LoadLibraryExA
InitializeCriticalSection
HeapFree

Exports

Exports

KsnNjWp7VfO@8
_p4S1A1XQr5AmMG
_SChQMEE2i73i

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ