b39c0b405d9eb825d00ee3d1dacbd082_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b39c0b405d9eb825d00ee3d1dacbd082_JaffaCakes118
Size

50KB
MD5

b39c0b405d9eb825d00ee3d1dacbd082
SHA1

25de7b68f8323b35b25233c24f92d9ed623b9008
SHA256

8bc61fac4b8de24bbd11198b315113edf42e545bac2cc3d074ae1c81df2be875
SHA512

aed6dda7e2a9bc8f6d27d93a495af5d4fa678aa6a43a9a12c298310d0e9320c1c8ced02dbfe1a637a958f43b7a6ccbc092cb28ab0158d0e6bfaf3adab2f1f94f
SSDEEP

768:6QRbcn0lz3MDhOmypVIFzS68MMhFGEsLbRMUFyDi8U9ehWC6T+o27faCPGHsnCo3:q0tMD0mcYulpknrcfNH6kf/PGHWH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b39c0b405d9eb825d00ee3d1dacbd082_JaffaCakes118

Files

b39c0b405d9eb825d00ee3d1dacbd082_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a0907875a2cb7990f2e959fee0db24e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharUpperW
CloseDesktop
CloseWindowStation
DrawIcon
EndDialog
GetClipboardData
GetCursorPos
GetWindowLongA
GetWindowTextA
MsgWaitForMultipleObjects
PeekMessageA

Sections

.gvoxcn
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jqnud
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.baxkz
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ