04a04b5201d4c1a5439156aaa46b50bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04a04b5201d4c1a5439156aaa46b50bd_JaffaCakes118
Size

235KB
MD5

04a04b5201d4c1a5439156aaa46b50bd
SHA1

19273c9371fcce0628b1b4c62d5f0f825b2b7e8a
SHA256

c59b4ab9a87a5f51b9675b2b7f36de8ed2a4a7e2cfc62f09b09e3d94fdab21d2
SHA512

0129315d5d4ede6be3fcfb256bf695b0ac368eb8f74939e67b3e09bb11b20678c4589ddedccd59084714fc144382216586a979c1beda713e4f1e2a23d40036cf
SSDEEP

6144:DMo/UlpWvDVw2R7WeAo/5VzxiWtnMbtuEwsxmk6w4wNvZ:DUlp3y7xphP6kE1p4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a04b5201d4c1a5439156aaa46b50bd_JaffaCakes118

Files

04a04b5201d4c1a5439156aaa46b50bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f631acf18b5a400e43f375d86148d12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add

user32

CharLowerBuffA
GetDC
GetCapture
CharNextW
CharToOemA
GetFocus
GetMenu
CharNextA

shell32

SHGetFolderPathA

kernel32

SetHandleCount
VirtualAllocEx
GetFileSize
GetVersion
GetCurrentThreadId
HeapAlloc
lstrcpynA
lstrcmpiA
LoadLibraryA
GetVersionExA
lstrcmpA
WriteFile
GlobalFindAtomA
GetCurrentThread
GetProcAddress
VirtualAlloc
ResetEvent
SetEvent
GetLocalTime
lstrcpyA
GetProcessHeap
GetEnvironmentStrings
lstrlenA
LocalAlloc
ExitProcess

Exports

Exports

_9dbnY@20

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1024B - Virtual size: 519B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ