Static task
static1
Behavioral task
behavioral1
Sample
cfd347c232660e73e0d2c33ac75cdf16_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cfd347c232660e73e0d2c33ac75cdf16_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
cfd347c232660e73e0d2c33ac75cdf16_JaffaCakes118
-
Size
142KB
-
MD5
cfd347c232660e73e0d2c33ac75cdf16
-
SHA1
c87a0a1f302e3545ae045a26857b42eb5ac30405
-
SHA256
3144fd9392a8b33eb9a29f94432c21bfdf19b96a9273863fa68de5be917133d3
-
SHA512
b9d83fdff6cd1cd2d22dc5b1acc738e87dcd26afd728eb732fc390e4cebc6bc93f0619123574d1b60b74766e317efe27cbb04f0b36a47860472a45b800ac7d06
-
SSDEEP
3072:6vGxK+lJ0wDOtzYdEWGBBVAkPpPudx8Vj0PZeGgsy:6QnTSJYHeBVAkiKVj0PZeGgsy
Malware Config
Signatures
-
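Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this sample is unsigned. An absent signature is a weak indicator on its own, since many legitimate binaries are also unsigned.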
resource cfd347c232660e73e0d2c33ac75cdf16_JaffaCakes118
Files
-
cfd347c232660e73e0d2c33ac75cdf16_JaffaCakes118.exe windows:1 windows x86 arch:x86
7cccf8d108a37cc9961dbee498c0af1d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyA
RegCloseKey
comdlg32
GetOpenFileNameA
GetSaveFileNameA
shell32
Shell_NotifyIconA
msvcrt
_adjust_fdiv
__getmainargs
_exit
__p__commode
_controlfp
_XcptFilter
__setusermatherr
__set_app_type
__p__fmode
_initterm
memcpy
_except_handler3
_acmdln
exit
kernel32
HeapCreate
GetStartupInfoA
GetModuleHandleA
HeapAlloc
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ