df23dcd6105982452c0c0f1bad806b43_JaffaCakes118 | Triage

Sharing

General

Target

df23dcd6105982452c0c0f1bad806b43_JaffaCakes118
Size

138KB
MD5

df23dcd6105982452c0c0f1bad806b43
SHA1

cb348719781cb74140ff3f57cbcaa0ec83fa17eb
SHA256

09d2edceeff95523b11d871b4fdb1c28143620e9101c964754d6dc4721e3829c
SHA512

bd54506ecc7698b4cd392d87473b41d5a3c770d993097109c0f75425663714586c3745e68cc3da8fdefb76365a28571d3c743ba399f3cf75d8c72af1577fc0d1
SSDEEP

3072:USZtWJCsEX0R2dxt/YDmDJPrV3s9eIPJrOJ2f0HFSaYuRBLb0P1JwG:NHcxE+AjDJPrVrsJs2f0HFlhu0G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df23dcd6105982452c0c0f1bad806b43_JaffaCakes118

Files

df23dcd6105982452c0c0f1bad806b43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

863ad692eab5db5c0d227b8251680efd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHLoadInProc
DragQueryFileW
ShellAboutA
ShellHookProc

kernel32

GetConsoleCursorInfo
GetConsoleCP
CreateTapePartition
FreeResource

ntdll

LdrLockLoaderLock
LdrSetDllManifestProber
LdrShutdownThread
NtAlertThread
NtClearEvent

comctl32

ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_Write
LBItemFromPt

Sections

.text
Size: 63KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE