b77d3109371f927ef61f9e3e1b36e670_JaffaCakes118 | Triage

Sharing

General

Target

b77d3109371f927ef61f9e3e1b36e670_JaffaCakes118
Size

95KB
MD5

b77d3109371f927ef61f9e3e1b36e670
SHA1

753a386bebe1fa4b2286c17a571c808f0b3eb263
SHA256

4f933abd897e5366bbb8c3d34cfe0b002cae94c36fd0af3d06297482b2d52b4e
SHA512

f1a099c6422eb727efb79badcbd38338d37565b703a33e30801ebc33cf659906c3f2d1c74b7ae48e8e96b9a1449c219dffe153407c4eef80edad311e166e7d5d
SSDEEP

1536:nNEtQrCwzs6yO+s8iiUExoM/ygXNRxkusQRDV0sK1MbFUJno:nNPCwzDyFs8iyoM6gX5YQRB0sjad

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77d3109371f927ef61f9e3e1b36e670_JaffaCakes118

Files

b77d3109371f927ef61f9e3e1b36e670_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db6c5c35341ddc13d85bfdde2ab47499

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetDriveNumberW
StrCmpLogicalW
ord29
PathIsSameRootA
StrStrIW
StrPBrkA
PathIsRootW
UrlCompareA
PathGetCharTypeW
UrlGetPartA
ChrCmpIW
StrToIntA

kernel32

lstrcatA

user32

LoadBitmapA
IsMenu
IsCharLowerA
GetActiveWindow
GetProcessWindowStation
GetClassLongA

Exports

Exports

?LormDelete@@YGXUverifyEw@CA7
?LormSelect@@YGXUverifyEw@CA7

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.one
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.void
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ