b11c59dd62133368a7ec7630658e24ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b11c59dd62133368a7ec7630658e24ee_JaffaCakes118
Size

34KB
MD5

b11c59dd62133368a7ec7630658e24ee
SHA1

62c246c65019a4d9c31741cc1ce482820437c2ce
SHA256

c729d0a50a273c4611d68aa96b0595681eb2b017df5f99c85294afbcdfe8072c
SHA512

0c5b595077a67409638599bb136806900f6e5c4a22e2baa728adb2f0adf3ffdc737bf27af5e5c42a2e364fc672881aeaf9fd53f6aff43aae856c747a9afc1e17
SSDEEP

384:GJK8V+/tC6qDcwvrxmEtme3r/o67QaiLU/SccSmw6sClnLHkSwt2I6jo6K2rx:GJ7c161vNttb/T7PysC5L7wt2IWo6d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b11c59dd62133368a7ec7630658e24ee_JaffaCakes118

Files

b11c59dd62133368a7ec7630658e24ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90cad8ecb6dc75fbe5665d4b1575ba40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
lstrlenW
VirtualProtect

shell32

ExtractAssociatedIconExA
ExtractIconExA
ExtractIconExW
SHQueryRecycleBinA

user32

DispatchMessageW
EndDialog
GetForegroundWindow
SetWindowPlacement
TranslateAcceleratorW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rel
Size: 18KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE