dbf838c781ec19456cd275e2b0160830_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbf838c781ec19456cd275e2b0160830_JaffaCakes118
Size

95KB
MD5

dbf838c781ec19456cd275e2b0160830
SHA1

3ec24281c6db4aa4c05b01f56a210638bd14df4c
SHA256

84db4bb5eff97e8807febdeac959864500a8c05d26d4ea9f350d5bdd1d5698e2
SHA512

a9e472383c6fe28e993bd2a467a70d77271c55e86ffa3c977ff7769b9965e693de6a55e391cee6345d0663243b161653168343d4dd105905014a4c72793b5bb4
SSDEEP

1536:VhuOyUt2k/SCZrtaw6qbKXK1A7DI+A8TFM8EMiys0X0vRos+vw21h:Vh7/t2kP5R6qbK61YI8TTE/FNu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbf838c781ec19456cd275e2b0160830_JaffaCakes118

Files

dbf838c781ec19456cd275e2b0160830_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a37807093ea2465d08c937990ec306d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsMenu
LoadBitmapA
IsCharLowerA
GetClassLongA
GetActiveWindow
GetProcessWindowStation

kernel32

lstrcatA

shlwapi

StrToIntA
PathGetDriveNumberW
UrlGetPartA
PathGetCharTypeW
UrlCompareA
StrCmpLogicalW
StrStrIW
PathIsSameRootA
ChrCmpIW
PathIsRootW
ord29
StrPBrkA

Exports

Exports

?FormFactor@@YGXUverifyEw@CA7
?FormWeight@@YGXUverifyEw@CA7

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.one
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.void
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ