dfb9d6b51ef1284bd69cc87107477256_JaffaCakes118 | Triage

Sharing

General

Target

dfb9d6b51ef1284bd69cc87107477256_JaffaCakes118
Size

76KB
MD5

dfb9d6b51ef1284bd69cc87107477256
SHA1

d00120a896818ed95448c1720bcdbe4227815c1b
SHA256

d714aa0b37695b3200bfac587a8575c6bf204d074aa919d9131e9325bd882e09
SHA512

f025c6808a844f0916116822dc92840d0f2cb4f1e76557d844a0bf6f0f5b10fe2e8ffa7964e2e38433ffbc60019fa47fede2c7a361a535e026eaad708f832561
SSDEEP

768:koQo/GuRhRSAveZ3Byy0extXp33dCLDdldg3GzMp11Ccz8evJuS:rGuRh0ZxJZ3MLDdfuxz8cJuS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfb9d6b51ef1284bd69cc87107477256_JaffaCakes118

Files

dfb9d6b51ef1284bd69cc87107477256_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afb308bbbf0a238db4c64534263446bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
LoadIconA
LoadAcceleratorsW
GetWindowTextA

kernel32

LocalAlloc
lstrcmpA
lstrcatA
UnmapViewOfFile
LoadLibraryA
CloseHandle
CompareStringA
EnterCriticalSection
EnumResourceLanguagesW
ExitThread

oleaut32

SafeArrayDestroy
SysFreeString
SysStringLen
SafeArrayAllocData
OleTranslateColor
RevokeActiveObject

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ