dc4ea009939fb18a4866c83f8137d85a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc4ea009939fb18a4866c83f8137d85a_JaffaCakes118
Size

124KB
MD5

dc4ea009939fb18a4866c83f8137d85a
SHA1

be72ccd9fe0234dcb3b69f73ab1a018f01140644
SHA256

ac72dba6616476d32cd40b36a02f7406749b84b32eb012371bcdd0f6b167d401
SHA512

7d46c4a6c22d7bc4e5e06a49fd89922166a0ba04dc5791e123f1f9c13f3899f7bd53cdebd0b4e7a0fba531bd9538af903afeb57ddba577326833387dff18c90d
SSDEEP

3072:RxBu+Rr/B6QV3PTrzjkaQkboZ61s+PQBOu0Tu:RTFbxbkaboZ0sJBf0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc4ea009939fb18a4866c83f8137d85a_JaffaCakes118

Files

dc4ea009939fb18a4866c83f8137d85a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6429fdfd0a1b174b48e6a7ef0ec705b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
LoadLibraryA
lstrcmpiA
GetProcessHeap
GetLastError
VirtualAlloc
lstrlenA
GlobalAlloc
lstrcmpA

user32

OpenIcon
DrawTextA
EnableWindow
GetMenu
GetFocus
EnableScrollBar
EmptyClipboard
GetDesktopWindow

shell32

Shell_NotifyIconW

Exports

Exports

_A3oX5i3Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text