17e82efe98518cab53f04a5f12cd8e19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17e82efe98518cab53f04a5f12cd8e19_JaffaCakes118
Size

134KB
MD5

17e82efe98518cab53f04a5f12cd8e19
SHA1

a4ef2ad72c01402b61e2e20df88897c4fb199b30
SHA256

939f59b77beff0c07e40bb9220e374d5f9c43648e9e03eb3e7ee75b4a4c5cbd1
SHA512

604040a54eee5b5891e4e7a856b4468d318563657a55542f7324751ad8c51907039405208cc791511fbe82b2226406d4ecc00cf53e13b31bbd02370333ee7382
SSDEEP

3072:FKy3JFS5T7QrhHQ1VDmD34FFmAfaH3rr2E8XFI:FKy3JFSBQICz4FFpaHGE8XS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17e82efe98518cab53f04a5f12cd8e19_JaffaCakes118

Files

17e82efe98518cab53f04a5f12cd8e19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30e41d76dd3e6950a9eadd3ecb3dfd62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
LocalAlloc
DeleteFileA
LoadLibraryA
FindClose
VirtualAlloc
EnumCalendarInfoA

user32

GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetMenu

Exports

Exports

_o_AAP0U@16
G017Ujx15
_XEVOSL@20
Yjr0Q@4
TSQiKw87LsIcm3
PIGODe@24
_SfaPIK@4
lcnYYxNGEDvYJn@12
5Ono5PiZh

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text