429b261a90268129e499ffc0282067f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

429b261a90268129e499ffc0282067f8_JaffaCakes118
Size

133KB
MD5

429b261a90268129e499ffc0282067f8
SHA1

b1778df31c08aa51aaae30873d1f9323573f2aae
SHA256

e01def87085091e96fc75318429d7bfa8f77699abd4e988a3a1f29aed8cd7713
SHA512

1117338dea5b2af3dd30a01dcc836166b1b1b090f58a5d7c7fa3a383c38eb915ee036b58856af329ed1971e6f7bf3baf23203a4e05ab73e6226210b1846f2e57
SSDEEP

3072:+kwfBWX/oJGBhKcXsqog9SFXOgT2i20y5PuhHDS/Vd:s+IksqofhKlaHDS/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429b261a90268129e499ffc0282067f8_JaffaCakes118

Files

429b261a90268129e499ffc0282067f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

681fb869c1498bb4da406c40e4ed7f13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA
Shell_NotifyIconA
SHFileOperationA
SHGetDesktopFolder

shlwapi

SHStrDupA
PathIsContentTypeA
SHDeleteKeyA

user32

CharUpperA
IsDialogMessageA
IsDialogMessageW
IsIconic
GetCapture
LoadCursorA
GetMenu
GetActiveWindow
GetFocus
IsRectEmpty
CharLowerA

gdi32

GetRgnBox

kernel32

ExitProcess
lstrcatA
HeapDestroy
GetStdHandle
VirtualQuery
GetLocalTime
GetLastError
VirtualAllocEx
CreateEventA
SetThreadLocale
VirtualAlloc
FormatMessageA
GetCommandLineA
FindResourceA
GetFileSize
CreateFileA
lstrlenW
SetEvent
GlobalDeleteAtom
GetFileType
lstrcpyA
GetThreadLocale
IsBadReadPtr

Exports

Exports

_qZK2pn
57BMR@12

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ