0dd625f62756c0d1c5c458870a70f140_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dd625f62756c0d1c5c458870a70f140_JaffaCakes118
Size

108KB
MD5

0dd625f62756c0d1c5c458870a70f140
SHA1

0aad09ef2c09f5be91a48fa1f0176c4e517b942b
SHA256

24bbf3b0607d2c0259a9201881ebece38c71baeaf40c4e0f1692733351adf350
SHA512

1482ce06c012e1b26a011956a8c79ec53101509f9eaec355fa0281c242321bff69473993ca1be4dad02ef1f4d12c3a52915c6411860cd9473b8dba9578454b5d
SSDEEP

1536:O9b+XJ88h8MzE2TpchV9MXeFQRSxi0EstwZdq74JfxymiPK4HOusGRvc2tt:OxeJ8Mjl1cCXeXxbadqQpyuNuffr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd625f62756c0d1c5c458870a70f140_JaffaCakes118

Files

0dd625f62756c0d1c5c458870a70f140_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f395400fa6bd799987ca127d453f38aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

gdi32

GetBkMode

kernel32

LoadLibraryA
ExitProcess
FindResourceA
VirtualAllocEx
FormatMessageA

user32

ShowWindow
CreatePopupMenu
IsCharLowerA
GetMenu
SystemParametersInfoA
CreateMenu
TrackPopupMenu

Exports

Exports

kzfEh@20
NbPzsfm4
fY4iu9LQSwk@20
p1lfhhEHv9K
_T1AkwobjTP7F2
_Cf5eRG3
O39mMQu@16

Sections

CODE
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ