c8fb45b17ae79d4ea6bb7f317d51387a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8fb45b17ae79d4ea6bb7f317d51387a_JaffaCakes118
Size

164KB
MD5

c8fb45b17ae79d4ea6bb7f317d51387a
SHA1

f4cb9d9bffde135f22c5ce9f46131b2a482c82a4
SHA256

fdc7f0302a5bb919b0a44a72f0cb4e91bc8816793e3042ebf17b9cf78fae25c1
SHA512

bd139049a1f7a87422123ae36479321d9b7b8bcdb115db81b60dc0d64d2821fa082352343322386f52a1f4f449d2577515e54d0221c73a66fdb99cafff43ac7d
SSDEEP

3072:SIKV5GDtFBNfH6gidCX5FeBexnhb8cqJSDRa7FzJ1AQo0/rW/No31+5:8DM5NfDXKeD8c2tFzJ1Az/qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8fb45b17ae79d4ea6bb7f317d51387a_JaffaCakes118

Files

c8fb45b17ae79d4ea6bb7f317d51387a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05d4d325caa13ae1375a932e8b2c339d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetCommandLineA
LoadLibraryExA
ExitProcess
LoadLibraryA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconA
SHFileOperationA

user32

GetPropA
GetMenu
LoadCursorA
GetScrollPos
KillTimer
CreateMenu
GetScrollInfo

oleaut32

SysStringLen
VariantChangeType
SysFreeString
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen

Exports

Exports

2SdRPUvEs@16
_9OJOl
M3tEiSUauSg@24
_OUpi3
rqAFdKB1f
c1ClLfgcVLu9R
SOkRWsu0Ek

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ