df09b80a6a854c0f358b750395c7bfa7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df09b80a6a854c0f358b750395c7bfa7_JaffaCakes118
Size

191KB
MD5

df09b80a6a854c0f358b750395c7bfa7
SHA1

4928b73610db071c69baff782699851a8aa3b1cd
SHA256

41367ea09f9dc1139ec0a7a58ed82195bdbb594b33227b598a73b4e7537d7f92
SHA512

710d23f9faf11ada296af6e25279c62cd9cf0e690213f2f41be3653be595f97d52d065a8b7474356c39377085a7e0d9ff03393aa8d889f912d9a7c96d898ed08
SSDEEP

3072:ztEkP3FAB58Qbqu5ynX6JXji1j/sQYsEMT+JX41WFsUXVxPeSRg0pgMRuqdA:5EkPVAB58IqWynX6JXj0/sBs9TO4oZX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df09b80a6a854c0f358b750395c7bfa7_JaffaCakes118

Files

df09b80a6a854c0f358b750395c7bfa7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

938660d9fafde806eb75a33eb140db90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekConsoleInputW
GlobalMemoryStatus
SetConsoleCP
GetCurrentProcessId
GetCPInfo
TlsGetValue
GlobalFix
AllocConsole

user32

SetMessageQueue

shell32

Shell_NotifyIconA
SHCreateDirectoryExA
DragFinish
InternalExtractIconListA
CheckEscapesW
StrStrIA

Sections

.code
Size: 9KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE