be6dc85e67d66bdb16e86af39c619905_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be6dc85e67d66bdb16e86af39c619905_JaffaCakes118
Size

37KB
MD5

be6dc85e67d66bdb16e86af39c619905
SHA1

cf4a73e12d785b7645db7ead3e9a918c037c7a52
SHA256

49549b021f2c928fad4f4f8c8a7ffcd07223dbe3d5bd2ea58839453c6ab6c85a
SHA512

80925a7eb211b3720d89268820a85c554862a158ba427b020326593b4443a76f19f5bb7ed6262252976e993cd6b0ce486390a653bb0167a8292936e641716fe0
SSDEEP

768:BvxFhAoWRSWT/5SsWxCfEJ3OJ94Cguj+mthMIYku92lIt:9ZVWMk4sWxCccNx+mtTYkuEl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be6dc85e67d66bdb16e86af39c619905_JaffaCakes118

Files

be6dc85e67d66bdb16e86af39c619905_JaffaCakes118
.exe windows:4 windows x86 arch:x86

157b6b6b2d3b833400a9d1a156399a84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyImage
ChangeMenuW
CallMsgFilterW
CreateMenu

shell32

Control_RunDLLW
StrRStrA
SHFileOperation
SHEmptyRecycleBinA
SHFileOperation
SHGetDesktopFolder
RealShellExecuteExW

gdi32

GetDeviceCaps
FloodFill
PathToRegion
PtInRegion
GdiStartDocEMF
RectInRegion
PolyPatBlt
GetTextColor
GetPixelFormat

Sections

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE