e29c0c4ddd9c22c797748b8e8b797556_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e29c0c4ddd9c22c797748b8e8b797556_JaffaCakes118
Size

225KB
MD5

e29c0c4ddd9c22c797748b8e8b797556
SHA1

163641679bfbbfa68c750398b12ca2918337712e
SHA256

35aa3748f76a5c0a2efe24f0fb28eb70ad7d0f6d189d13492f805a84d87d296d
SHA512

5fa1305947845e707ea8de30307eee9923ed7a2b7bae47a49dbdb722010fdafe9f562aa3adfc865d76c1a74ddfa683cb63e698d1cf8890696e377c35240504a3
SSDEEP

6144:6zBo54/0k5c4W0dPxm3TKzfqE3z3LrVQHEzVbtSpMel:6j0kE2mDgfhDiI5SpM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e29c0c4ddd9c22c797748b8e8b797556_JaffaCakes118

Files

e29c0c4ddd9c22c797748b8e8b797556_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bca4bdcd4f43625162405dc2c10a2a04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
PostMessageA
FindWindowExA
FindWindowA

kernel32

lstrcatA
WriteFile
CloseHandle
CreateFileA
ExitProcess
GetTempPathA
Sleep

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 222KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE