aedbc6ab4c7652deb689df7156d6f4cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aedbc6ab4c7652deb689df7156d6f4cb_JaffaCakes118
Size

105KB
MD5

aedbc6ab4c7652deb689df7156d6f4cb
SHA1

05ea319113eda5097af3b5b3eafb04cc70ae0790
SHA256

f6ed2e621dcdd4da701f1d718eaf3727d72d4bdfdb06618965232f6dd820e279
SHA512

d3f16c0b700a9775746b4e608c4688254fdc36fffa0cafd62a2592b16b144e8aff86745569b313c8bc1c8679de295fb4f8c08a9a3a5c5fe8c7d1cbbd589dae64
SSDEEP

1536:rdu8fB2U+YkIHADkwtjvv1TP2kq2jOMYC5Mzf4qJhbtjY1vnhUxdoOjWDbF4mC:rQ8p4Y5mlvNNq2XZSK1vhanjo+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aedbc6ab4c7652deb689df7156d6f4cb_JaffaCakes118

Files

aedbc6ab4c7652deb689df7156d6f4cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0b6a42b6b54d825f94f506fbbcc5618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA
SHFileOperationA
SHGetFileInfoA
Shell_NotifyIconA

gdi32

LineTo
GetBkColor

kernel32

ExitProcess
LoadLibraryA
VirtualAlloc
VirtualAllocEx
GlobalDeleteAtom
GlobalAddAtomA
GlobalAlloc

user32

GetMenu
GetMessagePos
GetMenuStringA
GetWindow

Exports

Exports

33tHo6oQ
_N6pr59Y

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hidata
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ