84ffd68fe79f6f2c710d40b3f1844e60_JaffaCakes118 | Triage

Sharing

General

Target

84ffd68fe79f6f2c710d40b3f1844e60_JaffaCakes118
Size

95KB
MD5

84ffd68fe79f6f2c710d40b3f1844e60
SHA1

c890f607ac945691addddf6f04fb9963eb827829
SHA256

2f57cc1c4ba03598669c22b4f3abc1d65d4ebf19e13239923d534574bc74df15
SHA512

c1ab6233ce58d431313f1790cde0ee0cd4ae7ba82171894f91def0ddd65b1381a76d79032da24570a5ce492c0091f0d44aa0c81c103dbe71a00de0655143ff78
SSDEEP

1536:4qfihnCypA8yUAUtwYsaw6qbKXK1A7OI+c8TFM8Eko7Rs0X0vRAs+vw11hoC:ohnZp7/Rtwh6qbK61Yd8TTEko7KNuRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
84ffd68fe79f6f2c710d40b3f1844e60_JaffaCakes118

Files

84ffd68fe79f6f2c710d40b3f1844e60_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df93d6ea900833f72b51011691095deb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpLogicalW
StrStrIW
StrPBrkA
PathGetCharTypeW
PathGetDriveNumberW
ChrCmpIW
UrlCompareA
PathIsRootW
PathIsSameRootA
UrlGetPartA
StrToIntA
ord29

kernel32

lstrcatA

user32

LoadBitmapA
IsMenu
GetProcessWindowStation
GetClassLongA
GetActiveWindow
IsCharLowerA

Exports

Exports

?FormFactor@@YGXUverifyEw@CA7
?FormWeight@@YGXUverifyEw@CA7

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.one
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.void
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ