3af7a48f295dd5842b2fcd24cd53c5a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3af7a48f295dd5842b2fcd24cd53c5a6_JaffaCakes118
Size

105KB
MD5

3af7a48f295dd5842b2fcd24cd53c5a6
SHA1

4a07539b5ec54238abcc1512b63a58457f865086
SHA256

aada08439d5dc19627d2ea1ded135f89d2d42388aafdc3d3a1e091ad8bc2d27d
SHA512

fdb7ad1a10ea40a09b9f78d668bad2983118c35ae12e7cf6738647efb3b7484f837185a4dc0687b3fe106973469b8eaf996b01407f7401581fabbfb9307e40d8
SSDEEP

1536:6lvNRfpNKaZedJHwiCALHaOHgkaQj604Hv+qX/fRhF8NvTxY7u4bAviSxq+Co:E8JHweAkN6LPdZhidxY7uJamq+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af7a48f295dd5842b2fcd24cd53c5a6_JaffaCakes118

Files

3af7a48f295dd5842b2fcd24cd53c5a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7989b3e61f6fa3fa1c9468e0033e273

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetMenu
CharToOemA
GetCursor
CharNextW
CharUpperBuffA
KillTimer

kernel32

LoadLibraryA
VirtualAllocEx
SetThreadLocale
ExitProcess
SetHandleCount
GetACP
SetLastError

shell32

DragQueryFileA
SHGetSpecialFolderLocation
Shell_NotifyIconA

gdi32

GetTextAlign
SelectPalette
SaveDC
RestoreDC

Exports

Exports

edoXaezDliIi@24
e6YgTvRsORC
_SbY6D@20
nQm8LOl17@20
TWzcCBnhLce
WjGZdA5NtRTies

Sections

CODE
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 661B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ