436ae28b653537d3a6d13eea0bd729c0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

436ae28b653537d3a6d13eea0bd729c0_JaffaCakes118
Size

31KB
MD5

436ae28b653537d3a6d13eea0bd729c0
SHA1

3f06ddfe7debf57e316a208ddff273aaaf0e0906
SHA256

fc0d7ef081a2eb6669f1313166a1bd0ab539d175de16d6517124be15d67d7022
SHA512

e780e81aaa21e90ebd148dba2943c91e97252fe583713a9542d129871833860fdb45ea081ef303e3b3a727c686a4c60641db28a8c930f228b9f1380863b8158e
SSDEEP

768:rz/6Yo8Am7catwkMBfH2c1DZNbK7bu2gMwje63OWoZu/G1qc5Se7x:rz/6n8Am7LRMxHbp12gMwje63OWoZu/Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
436ae28b653537d3a6d13eea0bd729c0_JaffaCakes118

Files

436ae28b653537d3a6d13eea0bd729c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a351fa44e2e53da0ab14348bf9095475

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
SendMessageA
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow

kernel32

GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
GetLastError
LoadLibraryA

gdi32

TextOutA

shlwapi

PathMatchSpecA
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathCompactPathExA
PathIsDirectoryA

crtdll

__GetMainArgs
_XcptFilter
_local_unwind2
_global_unwind2
_fmode_dll
_commode_dll
exit
_initterm
_acmdln_dll
_exit

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ