b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118 | Triage

Sharing

General

Target

b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118
Size

273KB
MD5

b23bf12abfaae71d8f755776bacd4bc9
SHA1

afe065de96ff4996296e8db874cbaeb85ee20ef6
SHA256

fd8458b6899ddc239c3af8a389aa20fdabfc16e474f93e7ad0f696e24df65506
SHA512

be791844d707f2b9806992b0aa2dc1ef59a15adeec48444e49a9ea2bd697857099362e6d729f9e7172f24a61428f71cb191d8ca50d2ad12dc747f302d0a8af4b
SSDEEP

6144:9AcdVCfwCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d4jMtH/5y+DwIizIgGPsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118

Files

b23bf12abfaae71d8f755776bacd4bc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d98862dea16e4bb2b815c32d705b6369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
IsWindow
GetTopWindow
FrameRect
GetActiveWindow

oleaut32

SysReAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
RegisterTypeLib

kernel32

LocalAlloc
LoadLibraryA
GetACP
ExitProcess
VirtualAlloc
FreeResource
FreeLibrary
FindResourceA
FormatMessageA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation

Exports

Exports

_R7G6XY
LO4pBfdp9Q1di@24
_7oSQ7R5iglB7n@20
w83WN@4
SeVr4Nc4P3Mc7@16
Qif5bv1sCAZC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 689B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ