5739280a64cf35b34c1a34d9c45c20b5_JaffaCakes118 | Triage

Sharing

General

Target

5739280a64cf35b34c1a34d9c45c20b5_JaffaCakes118
Size

114KB
MD5

5739280a64cf35b34c1a34d9c45c20b5
SHA1

2068789366c31123a97cff67e096809dd1ea1d58
SHA256

a56beb53164f92ec1c90c59130a1df11adc12cfd2fb43d7636bcbc985e3be53a
SHA512

2efbb8efbd6b79bd7c159a7d9451083c48be17b20af46f738538f31ae629f3896e6394e0f58d382a5db2fcb26c6460f507b883735af5cbd007ff89ae559ad49f
SSDEEP

1536:CgARwJHCWaxHqDwzNOPF1KFwOv+KxHgkU6wutEB/XXpKwe74sZ5t54mU:CWJHdIVNOdUFwq33tOXXgf4v5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5739280a64cf35b34c1a34d9c45c20b5_JaffaCakes118

Files

5739280a64cf35b34c1a34d9c45c20b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31787087190c84bcee4a4f19089ab31e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowEnabled
OpenIcon
GetMenu
PostMessageA
GetDC

kernel32

VirtualAllocEx
GetDiskFreeSpaceA
ExitProcess
LoadLibraryA
GetACP
GetCurrentProcessId
GetCurrentThreadId

shell32

SHGetFileInfoA
SHGetSpecialFolderLocation
Shell_NotifyIconA

ole32

CoRevokeClassObject
CreateOleAdviseHolder
CoDisconnectObject

Exports

Exports

_lK1vjG
qiEeyZ8zwto@8
0YqURlMbtfZl@12
_TuOfkqkiZ9eO
SWsNuQS93
44tZY

Sections

CODE
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 639B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ