e20746fc2b1f1b506b2a191c891ab20e_JaffaCakes118 | Triage

Sharing

General

Target

e20746fc2b1f1b506b2a191c891ab20e_JaffaCakes118
Size

273KB
MD5

e20746fc2b1f1b506b2a191c891ab20e
SHA1

21253392b2ecf94b871581d7076af0674c1f55b7
SHA256

88b6424c05bf52149483fb787580f5784c071673ca2464ac239b390361414b2d
SHA512

eab363394d93c9d42cfc7009f83b5cfaf83f4b92eb490837202c48630594e9e9037c6eb899600cac645bfac51df56135655d1fd004de84420068d0311773f691
SSDEEP

6144:9AcdVCJwCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d49MtH/5y+DwIizIgGPsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e20746fc2b1f1b506b2a191c891ab20e_JaffaCakes118

Files

e20746fc2b1f1b506b2a191c891ab20e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d98862dea16e4bb2b815c32d705b6369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
IsWindow
GetTopWindow
FrameRect
GetActiveWindow

oleaut32

SysReAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
RegisterTypeLib

kernel32

LocalAlloc
LoadLibraryA
GetACP
ExitProcess
VirtualAlloc
FreeResource
FreeLibrary
FindResourceA
FormatMessageA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation

Exports

Exports

_R7G6XY
LO4pBfdp9Q1di@24
_7oSQ7R5iglB7n@20
w83WN@4
SeVr4Nc4P3Mc7@16
Qif5bv1sCAZC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 689B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ