b347c542ee11e32ddb0f83ecfbdc866d_JaffaCakes118 | Triage

Sharing

General

Target

b347c542ee11e32ddb0f83ecfbdc866d_JaffaCakes118
Size

164KB
MD5

b347c542ee11e32ddb0f83ecfbdc866d
SHA1

7ea7670829e3bc8049dad104397e2ad712944566
SHA256

3324180a9d60f30b1a7237d11c2198b864f06a5d524b3ca1af88da5dc4e29065
SHA512

d48c3977d94739c75db7a741ec644f61c2c61d15618c2bc870136488d9393c4c7f70b356bd45bd695d3f661fca7c29a6c6adbfb8af182a3c962c6151e6331db6
SSDEEP

3072:SIKV5GDtFBNfH8gidCX5FeBexnhb8cqJSDRa7FzJ1AQo0/rW/No31+5:8DM5NfpXKeD8c2tFzJ1Az/qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b347c542ee11e32ddb0f83ecfbdc866d_JaffaCakes118

Files

b347c542ee11e32ddb0f83ecfbdc866d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05d4d325caa13ae1375a932e8b2c339d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetCommandLineA
LoadLibraryExA
ExitProcess
LoadLibraryA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconA
SHFileOperationA

user32

GetPropA
GetMenu
LoadCursorA
GetScrollPos
KillTimer
CreateMenu
GetScrollInfo

oleaut32

SysStringLen
VariantChangeType
SysFreeString
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen

Exports

Exports

2SdRPUvEs@16
_9OJOl
M3tEiSUauSg@24
_OUpi3
rqAFdKB1f
c1ClLfgcVLu9R
SOkRWsu0Ek

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ