aba64e375bc7699a984983bf4f22804c_JaffaCakes118 | Triage

Sharing

General

Target

aba64e375bc7699a984983bf4f22804c_JaffaCakes118
Size

154KB
MD5

aba64e375bc7699a984983bf4f22804c
SHA1

447c560e7980d99aa2bf2b0235ae0365615bc43b
SHA256

7a294b9a44d8e5e3dd63a339e149cece74141021cc96f63a2271dd761264dcd8
SHA512

8a99fdc3f823161b77b21a2a3944fb748d012dead248ce960ebc1548eccccfe7c262511ba2760f7ced003b858937364b56cba8d605b2280a9e8e6b811258589b
SSDEEP

3072:5F/qAXT/B+vcugIoFlZTmWoHA9PMzQuyPVfNAcitzf/k:5Bt5+vc3IqT0EUMfe9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba64e375bc7699a984983bf4f22804c_JaffaCakes118

Files

aba64e375bc7699a984983bf4f22804c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbdc33d108776618ef54509c4f5baffe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\cjgXxaTz\hsnwK\bMCDgzp\zQyeei\tEoondnB.pdb

Imports

shlwapi

UrlGetPartA
StrToIntW

comdlg32

GetOpenFileNameA
GetOpenFileNameW
ReplaceTextW

kernel32

lstrcmpA
SetCurrentDirectoryA
FindResourceW
LCMapStringW
SetNamedPipeHandleState
IsDBCSLeadByte
Sleep

gdi32

GetWindowOrgEx
GetTextExtentPoint32A
CreatePalette
GetTextExtentPointA
GetObjectW
LPtoDP

comctl32

ImageList_LoadImageW
ImageList_GetIconSize
CreatePropertySheetPageW

user32

CharLowerA
DrawIconEx
CharNextW
ReplyMessage
GetWindowTextLengthW
IsWindowEnabled
GetMessageTime
CharLowerBuffW
FindWindowExW
SetClassLongW
SendMessageA
SetFocus
MonitorFromPoint

Exports

Exports

?Sv_zwyn_AJ_Relzyvxws@@YGPADI@Z
?_hk_chw@@YGIF_N@Z
?XBDLVczhC@@YGPAEJ@Z

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 54KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ