050815e9e9dfe6ba1c9f36cf13914d24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

050815e9e9dfe6ba1c9f36cf13914d24_JaffaCakes118
Size

232KB
MD5

050815e9e9dfe6ba1c9f36cf13914d24
SHA1

2b204d62f7563255fd6773b9f0d31d910c0e85cc
SHA256

92fdba82949869d06027d78da76bf3fcb0c59037a73a4d1e27020e56ccd9ce12
SHA512

2f17aa52214586157a1e7a93acd4495c347fb3975cd7d208cbe2bdfc8acfc69b83f2c43f09811731346e187ebc30e039912b475eb721e30e05c625f0da1ad70d
SSDEEP

6144:Xf48jKHjFPcZ8vM/wUfdM2lit5sH/nLjh:XfjKDs80RdM2Mt5sHPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050815e9e9dfe6ba1c9f36cf13914d24_JaffaCakes118

Files

050815e9e9dfe6ba1c9f36cf13914d24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28993d6c494d4c8beb23d4b9d3abd6be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrcatA
GlobalAlloc
LoadLibraryA
lstrcmpiA
VirtualAllocEx
HeapDestroy

ole32

OleRegGetUserType
ReleaseStgMedium
StgOpenStorage
CoRegisterClassObject
CoCreateFreeThreadedMarshaler
PropVariantClear
GetHGlobalFromStream

user32

GetDC
CharNextA
GetMenu
GetFocus
GetSysColorBrush
GetDCEx
GetDlgItem
GetTopWindow
GetCursorPos

shell32

SHGetFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW
SHGetDesktopFolder
SHGetDiskFreeSpaceA

Exports

Exports

DiGZlQOFAH6D@24
_5GuA9Nt
_3P4FXYJeZTj
_ygivt_kCcPTA@12
ZsDdzP2CgAP5@20
wqIOZ2p8iwlgX

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ