ce882844183156d9d6bffba70cbfff6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce882844183156d9d6bffba70cbfff6b_JaffaCakes118
Size

131KB
MD5

ce882844183156d9d6bffba70cbfff6b
SHA1

966a7da4b09048795eb315219a3ee42580ddf2eb
SHA256

db8d54b16a4c49c3138f74cce23d4e21e60e6a0db1719579b439497ae6459841
SHA512

850149e6a65c450cc97a2870e0152eda9adaabd2e3e1d288ec873b5f898dfee27db2f3d083096066785c862eb6d40759c775ef2d974a1b11e1f06b407f97d538
SSDEEP

3072:8HdW3L0FL3oGqw2Ur3apAXdP3z+WEEVTvdt:AeL0J3RqwPrKpAdPzBzpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce882844183156d9d6bffba70cbfff6b_JaffaCakes118

Files

ce882844183156d9d6bffba70cbfff6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f152758767ef88fd49ca40dd2a924bbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA
SHGetSpecialFolderLocation

kernel32

VirtualAllocEx
GetProcAddress
ExitProcess
GetCommandLineW
GetStdHandle
GetProcessHeap
LoadLibraryA

msvcrt

malloc
srand
wcschr
mbstowcs
wcstol
memmove
wcscspn

user32

wsprintfA
IsWindowEnabled
LoadIconA
GetSystemMetrics
LoadBitmapA
GetMenu
MoveWindow
GetCapture
CreateWindowExA

Exports

Exports

eK08Gp2_GvAB
_E8t5oPYKKT
_g9Xjemt1@24
_8p9odc@8
92TUMGztS@24
_cN17raASk1TF

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 845B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ