d241e75b0cf4206723b436e31ce2008f_JaffaCakes118 | Triage

Sharing

General

Target

d241e75b0cf4206723b436e31ce2008f_JaffaCakes118
Size

98KB
MD5

d241e75b0cf4206723b436e31ce2008f
SHA1

67dcebf6f8db41f940bbbe8dde289a1515b6977c
SHA256

9b3c1ea6879dae39dd688b0d21bb1649b46fa813c7b06729c5b3f318f5592dd5
SHA512

172d0bcf2118af0a42ef0b5fffd7632440e3543c6f4d7fbe13d03fd5e1bf6fe1c2eaf603d8905e360cf05d5dfc6f46e384f36c9e38c1e382faefd24a34cf6d2b
SSDEEP

1536:K8Xxqb8dZo2dykXZLC5/EMEdIbYLo7cIJXw09TVMmy5TsRJ3kAPiihxuC6yq4mM:AAdZoeysRYcdPLG9Bw4MmATqkjIDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d241e75b0cf4206723b436e31ce2008f_JaffaCakes118

Files

d241e75b0cf4206723b436e31ce2008f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72e94f2f8a3624f6a1a7d87453006074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
Shell_NotifyIconW
SHGetDiskFreeSpaceA
DragQueryFileA

kernel32

LoadLibraryA
ExitThread
ExitProcess
VirtualAlloc
CloseHandle
Sleep
GetProcessHeap

user32

GetMenu
IsMenu
GetSysColorBrush
DrawMenuBar
GetSystemMenu
GetSysColor
GetTopWindow
GetCapture
GetWindow
GetActiveWindow
GetWindowDC

comctl32

ImageList_Create
ImageList_GetBkColor
ImageList_Add
ImageList_Draw
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read
ImageList_Write
ImageList_DrawEx

Exports

Exports

_UT1mej8ZlD@4
MfNhuJnA@12
RCn0bpD@20

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 1024B - Virtual size: 1019B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ