2d703fc33a377a93e66ab1278b7601e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d703fc33a377a93e66ab1278b7601e6_JaffaCakes118
Size

105KB
MD5

2d703fc33a377a93e66ab1278b7601e6
SHA1

cd51c7af3a562ac39046753379e68cb5bd671404
SHA256

504290e82d0433dda63ad5f0a38c9e3e5fd2a240956680c0c0e721ea6d26e8b1
SHA512

1319254286f8c23ee32a7b71afef3d017800f96883a3a0fe8115ae1940cc5cf6ac5975e391956eda701430c68f9ec578949b0169974af27274e551acd43f8ab8
SSDEEP

1536:6lvNRfpNKaZedJHwiCALHaOHgkaQB604Hv+qX/fRhF8NvTxY7u4bAviSxq+Co:E8JHweAkr6LPdZhidxY7uJamq+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d703fc33a377a93e66ab1278b7601e6_JaffaCakes118

Files

2d703fc33a377a93e66ab1278b7601e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7989b3e61f6fa3fa1c9468e0033e273

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetMenu
CharToOemA
GetCursor
CharNextW
CharUpperBuffA
KillTimer

kernel32

LoadLibraryA
VirtualAllocEx
SetThreadLocale
ExitProcess
SetHandleCount
GetACP
SetLastError

shell32

DragQueryFileA
SHGetSpecialFolderLocation
Shell_NotifyIconA

gdi32

GetTextAlign
SelectPalette
SaveDC
RestoreDC

Exports

Exports

edoXaezDliIi@24
e6YgTvRsORC
_SbY6D@20
nQm8LOl17@20
TWzcCBnhLce
WjGZdA5NtRTies

Sections

CODE
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 661B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ