d2b0a3e634fcba5097607fe8f64ed806_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2b0a3e634fcba5097607fe8f64ed806_JaffaCakes118
Size

13KB
MD5

d2b0a3e634fcba5097607fe8f64ed806
SHA1

5345784b5df70ffde4ad2543cd52f3c5634b6e5c
SHA256

67081bb1239517d0596b3fc4253cd1cad3695d2517bbb35e15e181d1123150b9
SHA512

e75c7f2beb1c4f4995af6ebccb18235992c8dc043ee3ab186172c4a68e1e940297262911547a78d06b1364e61f92ac966d66ac2079c3b6d6b0441ad219441147
SSDEEP

384:1BfZMjRuuF8KaghgzXxzVPrm6Zt8Vucu/:1FOj8chwXxlpwVc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2b0a3e634fcba5097607fe8f64ed806_JaffaCakes118

Files

d2b0a3e634fcba5097607fe8f64ed806_JaffaCakes118
.exe windows:1 windows x86 arch:x86

eb7a4932d1b3c4321b977aac3ceb86b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE