af9c39e959e1564dd59a89fd402f6900_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af9c39e959e1564dd59a89fd402f6900_JaffaCakes118
Size

129KB
MD5

af9c39e959e1564dd59a89fd402f6900
SHA1

0a17bd1c7a10b6412ab5ca7cc9d0070d02330390
SHA256

2456bb3eb790d706f90cac6ee492c3939826408e24a6e3c0c580d1336f8a6bab
SHA512

7bbbdaf5dc6841cb94955cf48a4985d44739827bd87cabce68c165fbc729228b2f32778d3329f1f959be491484adb7ddc67c0ae7eb10eb56f0f1b84f99c4ccac
SSDEEP

1536:n9zN7x7jhCuM/IDIjMetAAdyG6ECV91QKm0SykLb9zN7x7jhCuM/IDIjMetAAdyw:9zNRQMluyGxC+FVxzNRQMluyGxC+FV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af9c39e959e1564dd59a89fd402f6900_JaffaCakes118

Files

af9c39e959e1564dd59a89fd402f6900_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6764baeb8d960aa00c9977cb9882bb94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE