b528c88bf542d059b6ef8520aa5f4167_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b528c88bf542d059b6ef8520aa5f4167_JaffaCakes118
Size

104KB
MD5

b528c88bf542d059b6ef8520aa5f4167
SHA1

f920a3f8083fbb7e9fa844f5c3af6e2df7576511
SHA256

2f93e7de33d9c8ff120ff1e2d585572e8c20be2c42e3f344e6daa912ac08f420
SHA512

396ded7c1f1fb41c2f9a146d9252246d1d83a6235fa6300de7d6cecb70c51915b627ba3fc24fe5ff93d98b44d3036a78847053b7172b4ade6320fbeab598b5e5
SSDEEP

1536:wmiLp03pvMW0P4gtF0lZ76pM6J+atJ+b0nzUdKnQcsF7AGVy4Igu44mi:A103pvSPv0lZWvNzpnQc0+4IlN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b528c88bf542d059b6ef8520aa5f4167_JaffaCakes118

Files

b528c88bf542d059b6ef8520aa5f4167_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b419af02b134584a4a53b0605d70ef2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
SHGetFileInfoA
Shell_NotifyIconA
SHGetFolderPathA

user32

GetMenu
MapVirtualKeyA
MessageBeep
CreatePopupMenu
MessageBoxA
MapWindowPoints
GetWindowTextLengthA
LoadStringA
IsCharLowerA

kernel32

VirtualAlloc
GetModuleHandleA
ExitProcess
GetStringTypeW
GetThreadLocale
GetCommandLineW
LoadLibraryA

comctl32

ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Read
ImageList_DrawEx
ImageList_Write
ImageList_Add
ImageList_Draw
ImageList_Create
ImageList_Remove

Exports

Exports

R9MBW2i4awF3J@12
_SDREF8xy61u@12
_obmYCjD2PO_Un
L3rhrNT4Y5@24
1hNBzcQB
eXkyTXW17p@20

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 512B - Virtual size: 143B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ