f9eff0a13458ed073c85193080dd1dcd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9eff0a13458ed073c85193080dd1dcd_JaffaCakes118
Size

16KB
MD5

f9eff0a13458ed073c85193080dd1dcd
SHA1

e7d28b85b992ce83a67a576b691065ce5fa3d051
SHA256

7cdc36c24082f80c2136b6bc52182dcdb0a4f155eace0e2c67557c83dea3e0fa
SHA512

13ef5616ebf8ea4276da4feff35a8d228993dc52070eb0de7d8a2ae0bd139de2ea8cb13c8bd7097a6049cc9e6a0775f02d44c71ee78bd922c06b93d4a5d84976
SSDEEP

384:MfVF+xmthlJKuVAR1ugTMSp1zdd7Dq9xH4eGO9SKgu:MdFeKRAJ9dhDq9Jv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9eff0a13458ed073c85193080dd1dcd_JaffaCakes118

Files

f9eff0a13458ed073c85193080dd1dcd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

eb7a4932d1b3c4321b977aac3ceb86b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

Sections

.text
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE