b3bee03379854f1ab53f78ef534e3d80_JaffaCakes118 | Triage

Sharing

General

Target

b3bee03379854f1ab53f78ef534e3d80_JaffaCakes118
Size

97KB
MD5

b3bee03379854f1ab53f78ef534e3d80
SHA1

17c38de46568cae7faecc3bd2aaff6870e922435
SHA256

d9c158808c165b2810eb9d406f463638197173c3aa849afa751fc54f6002660e
SHA512

f6afb2faf1d434d73b3fbb31787f00fe3eee8d332109faae1be20b5e73e6771282a0521f4bff3040ab966cda77035f073680b1320fe822bf70de23d730272296
SSDEEP

3072:EZ7+W/Qw9z6qbK61YhbDlAMKtVr1wmRImLzt:EZIwjOB8tV5wmx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3bee03379854f1ab53f78ef534e3d80_JaffaCakes118

Files

b3bee03379854f1ab53f78ef534e3d80_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca60338c5d2f253ef658a4bd6308d252

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetCharTypeW
PathIsRootW
ord29
UrlCompareA
PathIsSameRootA
StrToIntA
StrPBrkA
StrStrIW
PathGetDriveNumberW
UrlGetPartA
StrCmpLogicalW
ChrCmpIW

kernel32

lstrcatA

user32

GetProcessWindowStation
GetActiveWindow
IsMenu
LoadBitmapA
IsCharLowerA
GetClassLongA

Exports

Exports

?FormFactor@@YGXUverifyEw@CA7
?FormWeight@@YGXUverifyEw@CA7

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.one
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.void
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ