b6377fc9bdf4cff39e5df363107e6f45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6377fc9bdf4cff39e5df363107e6f45_JaffaCakes118
Size

164KB
MD5

b6377fc9bdf4cff39e5df363107e6f45
SHA1

8a758b5ecc24ea53f8775ad16a031823092b637c
SHA256

0a14ac150f8556bc9036158777fafc04dcca1e5cb7e36b3b4d7d28c14a722876
SHA512

647bc9172f02bd6f383f355f22a4b7a716646cb1a0cb18fd2ce8ba9de238cda6e305d03d74e2bcaf418f3137b63fd4fcf324b1737ae3cd1b7d67a12c9fbe8b99
SSDEEP

3072:aQuZjw1RL0hsTn3s2i0r67N+KQlxFq7yxztk6NX9Jw99T9bjOTkzzQp:Jgc1h0hsrsbu6kKQ3xzthNXnw9vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6377fc9bdf4cff39e5df363107e6f45_JaffaCakes118

Files

b6377fc9bdf4cff39e5df363107e6f45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b16bf4496b0ce0ed6a177a8d4ea9219f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetOEMCP
VirtualAllocEx
GetStdHandle
GetProcAddress
ExitProcess

shlwapi

SHStrDupA
PathIsDirectoryA

user32

OpenIcon
GetDesktopWindow
CharLowerA
EqualRect
EnumChildWindows
EnumWindows
IsWindowUnicode
EnumThreadWindows
LoadCursorA
GetMenu

shell32

SHGetFolderPathA
Shell_NotifyIconA

Exports

Exports

HrrKTanQ7CW@24
_8bN5kmCIAEt60t
_zEfeF6nEr
_uyincqpbH@24
d3JhTGlVi_I9@8
IjPRKZ@4
_YeG0__i1OlkLu

Sections

CODE
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 653B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 512B - Virtual size: 27B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ