06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118
Size

288KB
MD5

06fa16033c4baf1f36c4e9e914366a93
SHA1

167c6838589646683100ac6c295764da35f714d6
SHA256

1ef4b7fad8ef0166ae0b1052f01063978e06eb36fae5900fff7791f7d3110bc2
SHA512

ba9921ff8fcb8638981fe51271c85630feea6992c7ac1606e7beeeab4f1ee232a0dac2047d5faa6fba5acf0c38e791f692e9d8d42d4062926a9a63c4d53d3b0b
SSDEEP

3072:jgs6j2IaW1qtd5Tli3MqbdJ2ZOr0T9DiM8tsAZ2R:csE25WYiBBJa9ktFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118

Files

06fa16033c4baf1f36c4e9e914366a93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cde63cd1acd793e0f63595a1f35296bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt

comctl32

ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Remove
ImageList_GetBkColor

ole32

CoCreateGuid

advapi32

RegDeleteValueA

msvcrt

memcpy
tan

comdlg32

GetFileTitleA
FindTextA

kernel32

GetCurrentThreadId
lstrlenA
VirtualAllocEx
VirtualAlloc
GetModuleHandleA
LoadLibraryA

shell32

SHFileOperationA
DragQueryFileA

user32

IsWindowVisible
IsChild
GetActiveWindow

shlwapi

SHSetValueA
PathIsContentTypeA
PathIsDirectoryA

version

GetFileVersionInfoSizeA

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 613B - Virtual size: 613B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ