08b34056dad931e11f86977214ffd5e4_JaffaCakes118 | Triage

Sharing

General

Target

08b34056dad931e11f86977214ffd5e4_JaffaCakes118
Size

66KB
MD5

08b34056dad931e11f86977214ffd5e4
SHA1

f98408fc9e07a76dd654672f1b01dc5c0e2cb5b0
SHA256

b66eb89881b8f992797c58bb93b98f8240e4c2d7ec9fcda824fae2a4a84c750c
SHA512

63a6588b849c09a58dc67447bc654c20260291b73cae946afe735d7080650bd4dd04f90650db0af383d41aa2d233589f47cd4ee1fff64ef310238eba3472acc1
SSDEEP

1536:611XoJYf3aGX331YptmKwU115l4Ba81W7jRKwqPt:6QJYf3aGX1Yzj3rl4EoWPRKXt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b34056dad931e11f86977214ffd5e4_JaffaCakes118

Files

08b34056dad931e11f86977214ffd5e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ef47c7af9f173a164b12c649e1600e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
Shell_NotifyIconW
SHFileOperationA
SHGetSpecialFolderLocation

kernel32

EnterCriticalSection
DeleteCriticalSection
CreateThread
LoadLibraryA
VirtualAllocEx
CreateEventA
VirtualAlloc

user32

LoadIconA
IsZoomed
KillTimer
GetDC
GetWindowDC
CreateMenu
IsChild
IsWindowVisible
GetWindowTextLengthA

Exports

Exports

fTP9eyLJB3@12

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text