b34bc96c29cc23968a5f66a1eb67b86d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b34bc96c29cc23968a5f66a1eb67b86d_JaffaCakes118
Size

131KB
MD5

b34bc96c29cc23968a5f66a1eb67b86d
SHA1

ef1dcc8a1b327c7ddf2f16095a77ee56a66594a3
SHA256

4027902c0d305119666f456c16d6ac16c0637c32977551346bb7921040c200c3
SHA512

2ad0c0e2be0b23ac9d62867116a721471b1f0889117f0781e9b557a165a420e8874290c1a4297a15db1af54b1c86ce3b3bcf6591c0e9fb4dc9190e887a58189a
SSDEEP

3072:81dW3L0FL3oGqw2Ur3apAXdP3z+WEEVTvdt:GeL0J3RqwPrKpAdPzBzpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b34bc96c29cc23968a5f66a1eb67b86d_JaffaCakes118

Files

b34bc96c29cc23968a5f66a1eb67b86d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f152758767ef88fd49ca40dd2a924bbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA
SHGetSpecialFolderLocation

kernel32

VirtualAllocEx
GetProcAddress
ExitProcess
GetCommandLineW
GetStdHandle
GetProcessHeap
LoadLibraryA

msvcrt

malloc
srand
wcschr
mbstowcs
wcstol
memmove
wcscspn

user32

wsprintfA
IsWindowEnabled
LoadIconA
GetSystemMetrics
LoadBitmapA
GetMenu
MoveWindow
GetCapture
CreateWindowExA

Exports

Exports

eK08Gp2_GvAB
_E8t5oPYKKT
_g9Xjemt1@24
_8p9odc@8
92TUMGztS@24
_cN17raASk1TF

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 845B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ