Static task: static1
Behavioral task: behavioral1
Sample: e763fa08cc7f286eca5707cd83c9350c_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e763fa08cc7f286eca5707cd83c9350c_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: e763fa08cc7f286eca5707cd83c9350c_JaffaCakes118
Size: 15KB
MD5: e763fa08cc7f286eca5707cd83c9350c
SHA1: deb348b3b0939a41f24ca24837c8ccf3dac00c44
SHA256: a5a1c0b9666551be8c3230e006217d09e4079a3398ab35c35fb556b0493fa9b7
SHA512: 7bfa51b890721104eb1012c74bdb0f867255d0a86078e87b58e37f4d2f9767dd633a88ffb36de1762361ebe485683eaffadc02c73455635df63f16ac2d6784e1
SSDEEP: 384:0E8XuFEhzzv8781V1mnrxAyatNqtEMf4UrRx:NM/k81DmrxArqfVRx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e763fa08cc7f286eca5707cd83c9350c_JaffaCakes118
Files
e763fa08cc7f286eca5707cd83c9350c_JaffaCakes118.exe windows:4 windows x86 arch:x86
0b33eec2cd780711cabbd521bf8f9643
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
LoadStringA
LoadIconA
LoadBitmapA
wsprintfA
kernel32
GetModuleFileNameA
lstrcpyA
lstrcmpiA
lstrcatA
WriteFile
SizeofResource
CloseHandle
CreateFileA
CreateProcessA
ExitProcess
ExitThread
FindResourceA
GetCommandLineA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetTempPathA
LoadResource
LockResource
RtlZeroMemory
SetLastError
Sections
.text Size: 1024B - Virtual size: 734B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 986B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ