fe0663eaa07bd81cd479e399235b3519_JaffaCakes118 | Triage

Sharing

General

Target

fe0663eaa07bd81cd479e399235b3519_JaffaCakes118
Size

47KB
MD5

fe0663eaa07bd81cd479e399235b3519
SHA1

29411603179a2e48552a08dcbe753759e0226602
SHA256

58b60ce48c1c660d959f1d4e1399d13bea19cce378fcd81a1633e0c60fcef29c
SHA512

a382191d3a5f2802c20fdd607fb560377501c83e12eb3db57e358de7e5e23c62cb4b13e1d9e7c16aeaabe32a3e76c4d07e3ed21a84ca4ce891a5216c78cc29a7
SSDEEP

768:i27mKnGlTrdBGpwyqwo97ORi0UaHZR7ltBBWlIfdu6gAOo/uVYF3itkYj:iBKnKTZB0MD2ZRRXBAIf06Zl/bYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0663eaa07bd81cd479e399235b3519_JaffaCakes118

Files

fe0663eaa07bd81cd479e399235b3519_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

d975151ea7c3b43501c30737ecac634e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
CreateSemaphoreW
ExitProcess
GetLogicalDrives
GetShortPathNameA
LoadResource
SetComputerNameA
SetFileApisToANSI
TlsAlloc

user32

CreatePopupMenu
DrawTextW
IsCharAlphaW
LoadStringA
ModifyMenuW
ShowScrollBar
TranslateAccelerator
WINNLSEnableIME
WindowFromPoint
wsprintfW

shell32

DragQueryPoint
ExtractIconA
ExtractIconResInfoA
OpenAs_RunDLLA
RealShellExecuteExA
SHFileOperationW
SHGetMalloc
SHGetSpecialFolderPathW
SHInvokePrinterCommandW
SHQueryRecycleBinA
SheFullPathA
SheSetCurDrive
Shell_NotifyIconW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE