d330873048dba7cbc186ea6243e11a08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d330873048dba7cbc186ea6243e11a08_JaffaCakes118
Size

170KB
MD5

d330873048dba7cbc186ea6243e11a08
SHA1

17b570daee24def0461ca450e5e277d7e2a80870
SHA256

df2dc402435a8943dae8e6320f1c834aff1af4152f80ac2e30b17b6cdc62af20
SHA512

e00848f18bca4790c551b3739c65f30f78befdefaf99784662ca3110089bb6b1d93313c252273de64cbe87b0eec60b1badc7275fc88e62d61cb5de36072d1900
SSDEEP

3072:sxP+V1cKd8JTAi1JMgBGN+RIo2JTgtWuXY1YzEI:3cKd8qi1JTB/RdXXaYwI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d330873048dba7cbc186ea6243e11a08_JaffaCakes118

Files

d330873048dba7cbc186ea6243e11a08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5e59e9cee60c14d1447a08f0feb2466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreatePopupMenu
SetCursor
ClipCursor
EnableWindow
RedrawWindow
LoadCursorW
GetDesktopWindow
SetParent
InvalidateRect
SetWindowPos
TrackPopupMenuEx
DestroyMenu
GetFocus
IsWindow
PtInRect

msvfw32

ICClose
ICOpen
ICSendMessage
ICDecompress

ole32

StgCreateDocfile
StgOpenStorage

kernel32

CreateFileW
GetShortPathNameA
GetLastError
GlobalFree
GetHandleInformation
CloseHandle
GetModuleHandleW
EnumResourceTypesW
ExitProcess
GetCurrentProcessId
LoadLibraryW
GetCurrentThreadId
UnhandledExceptionFilter
GetProcAddress
GetVersionExW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ