b7a35aee11f09206c35e2ab4de96ce3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7a35aee11f09206c35e2ab4de96ce3b_JaffaCakes118
Size

164KB
MD5

b7a35aee11f09206c35e2ab4de96ce3b
SHA1

8433f2acbcda71da79a376b2db9dd0e343a7a319
SHA256

d34004bbac0b2ad10e194f5cf9fb5e1bb95b26aae687c8732a6ed6c59b771775
SHA512

f450a937ec5d8666fe80a78414decc831716a4e51a16a5136bcf9305a31dda1ff4cea1323039d763b852d064b0cee88d4bd5c00234baa6bacbc4f7ecf867932f
SSDEEP

3072:aQuZjw1RL0hsTn3sgi0r67N+KQlxFq7yxztk6NX9Jw99T9bjOTkzzQp:Jgc1h0hsrshu6kKQ3xzthNXnw9vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7a35aee11f09206c35e2ab4de96ce3b_JaffaCakes118

Files

b7a35aee11f09206c35e2ab4de96ce3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b16bf4496b0ce0ed6a177a8d4ea9219f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetOEMCP
VirtualAllocEx
GetStdHandle
GetProcAddress
ExitProcess

shlwapi

SHStrDupA
PathIsDirectoryA

user32

OpenIcon
GetDesktopWindow
CharLowerA
EqualRect
EnumChildWindows
EnumWindows
IsWindowUnicode
EnumThreadWindows
LoadCursorA
GetMenu

shell32

SHGetFolderPathA
Shell_NotifyIconA

Exports

Exports

HrrKTanQ7CW@24
_8bN5kmCIAEt60t
_zEfeF6nEr
_uyincqpbH@24
d3JhTGlVi_I9@8
IjPRKZ@4
_YeG0__i1OlkLu

Sections

CODE
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 653B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 512B - Virtual size: 27B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ