3b15d69d798243b458ceeae857d22399_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b15d69d798243b458ceeae857d22399_JaffaCakes118
Size

98KB
MD5

3b15d69d798243b458ceeae857d22399
SHA1

8c6e72886aa64eff8ec43b9263e7596a5d42885a
SHA256

a1e7da82abdb6d850dd32f98c8876ee10695bf90d83d524a974beb153548aae5
SHA512

1e19a651c96c33b325efacd59659b8d3252afb17bb77b94e5aac2964813202b5fb39ec6af5e8551a0535bf097e1c508608944a6763599fa0fa9276b4979ae499
SSDEEP

1536:K8Xxqb8dZo2dykXZLC5/EMEdDbYLo7cIJXw09TVMmy5TsRJ3kAPiihxuC6yq4mM:AAdZoeysRYcdALG9Bw4MmATqkjIDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b15d69d798243b458ceeae857d22399_JaffaCakes118

Files

3b15d69d798243b458ceeae857d22399_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72e94f2f8a3624f6a1a7d87453006074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
Shell_NotifyIconW
SHGetDiskFreeSpaceA
DragQueryFileA

kernel32

LoadLibraryA
ExitThread
ExitProcess
VirtualAlloc
CloseHandle
Sleep
GetProcessHeap

user32

GetMenu
IsMenu
GetSysColorBrush
DrawMenuBar
GetSystemMenu
GetSysColor
GetTopWindow
GetCapture
GetWindow
GetActiveWindow
GetWindowDC

comctl32

ImageList_Create
ImageList_GetBkColor
ImageList_Add
ImageList_Draw
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read
ImageList_Write
ImageList_DrawEx

Exports

Exports

_UT1mej8ZlD@4
MfNhuJnA@12
RCn0bpD@20

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 1024B - Virtual size: 1019B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ