aef80ff2dee733ec82859775907aca8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aef80ff2dee733ec82859775907aca8b_JaffaCakes118
Size

212KB
MD5

aef80ff2dee733ec82859775907aca8b
SHA1

8c2896888f1056e6c6eabaae41bfa95138ff6b14
SHA256

8b421626172fee320cd6f920dc62507ad46a5a4f061acd1096eb0f9291f70875
SHA512

49108ef5eac081bd24e00182bcbcdc78a32342a4e3fe4d0a960153baff296548f9c9abd3482e66c53ec0e383c175ce95119eab95efa6f112cb3ea162ba4124cf
SSDEEP

3072:ptBbXjlgO0shtDi6D+SX6yqf6/SA2ilZfmS4X8WxvnzzTq6bRk3Hvn0h4vANQtup:xLBgOBND+c0CNltmSWfBnzvq6dh6Ze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef80ff2dee733ec82859775907aca8b_JaffaCakes118

Files

aef80ff2dee733ec82859775907aca8b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9d5068b79d181f778bbda7d77cb9dc95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord158

user32

FindWindowW

kernel32

GetDriveTypeW

Exports

Exports

?BeginForce##YGPAXU_POINTL###Z
?CellRinger@@YGPAXU_POINTL@@@Z
?HeartPulse@@YGPAXU_POINTL@@@Z
?LineHandle@@YGPAXU_POINTL@@@Z
?TimerConnect@@YGPAXU_POINTL@@@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text39=
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rqvmxkb
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

AK?Lk<
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE