d0ba3b9d7bfc4d1055be34703f38b96d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ba3b9d7bfc4d1055be34703f38b96d_JaffaCakes118
Size

114KB
MD5

d0ba3b9d7bfc4d1055be34703f38b96d
SHA1

b0116364429a140bee607af40adb8d9382d88f66
SHA256

54c3979d09490c4d24c850f7dc1fdc4885267a3eef7aa34f8e67cd1623fd1fc9
SHA512

fbf7f4c0b7fc615e6cc37cf8ae8958a0bfc6e60681590eed4ae606e826a40d00d111108924951e8664f8b363e73790c49e22a638106c505e8969a6325e2efbda
SSDEEP

1536:0zZ+GSSvEdHLG9CuH/LFeJReqii1Fg+9X2IxYyoTos5njh3XBJeTmlyATYbHicV2:EwhS856PReCJi16I6ptXwbHicV8FEe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ba3b9d7bfc4d1055be34703f38b96d_JaffaCakes118

Files

d0ba3b9d7bfc4d1055be34703f38b96d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

751891dfbab109db8b337da3713e9c41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
CloseHandle
VirtualAlloc
LoadLibraryA
ExitThread
Sleep
ExitProcess

shell32

SHGetSpecialFolderLocation
SHFileOperationA
DragQueryFileA
Shell_NotifyIconW
Shell_NotifyIconA

user32

GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardState
GetDesktopWindow

Exports

Exports

bKQom1@20
w7qMJE2NG@20
fC4fKqROU8iVjj
_DZl2dsZIs
qIADq@12
ILpIQ@16
_59IItyw4ngz
nKvt8Y8jQOM@8

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text