3be53f77076a7ba60d5ef3643947e163_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3be53f77076a7ba60d5ef3643947e163_JaffaCakes118
Size

123KB
MD5

3be53f77076a7ba60d5ef3643947e163
SHA1

ba50d8e9180f3acc039dbb11dc981937a0cc3a2b
SHA256

6da3e99dbd3c9d74b1d99df7834a8cac93f8d6a83141580f96d04a60d3b68b93
SHA512

b63981289a6cd1eb87ddfc8f25f7700a812f028e967d98d50afb30c43faca10a21b3eb9e5daa081e348f1bf4512b68f0c64c449a534bb776e5372120be73f082
SSDEEP

3072:2myQcSJ2k3AEp7nteBoZReN9swsvkgRZOnxcY6FSrHsiym:2mDh8ORE9sPMgb6xFBoib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be53f77076a7ba60d5ef3643947e163_JaffaCakes118

Files

3be53f77076a7ba60d5ef3643947e163_JaffaCakes118
.exe windows:4 windows x86 arch:x86

050777e94d4a7319693ee0f08fb1d0db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
DeleteFileA
ExitProcess
GetDriveTypeA
GetEnvironmentStrings
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree
WriteConsoleA
lstrlenW

user32

GetClassInfoA
GetDlgItem
GetForegroundWindow
GetParent
GetWindowRect
GetWindowTextA
IsWindow
SetTimer

gdi32

GetCurrentPositionEx
SetEnhMetaFileBits

shell32

ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
SHGetFileInfoW
SHGetSpecialFolderPathA
ShellExecuteA
Shell_NotifyIconA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1007B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ