Static task: static1
Behavioral task: behavioral1
Sample: e84c24eea5b70f0cb5c2a2c4d35f32ac_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e84c24eea5b70f0cb5c2a2c4d35f32ac_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: e84c24eea5b70f0cb5c2a2c4d35f32ac_JaffaCakes118
Size: 5KB
MD5: e84c24eea5b70f0cb5c2a2c4d35f32ac
SHA1: 5fb351fc7bbeffd824e1a38fcc517eb0ea295fec
SHA256: a4416b4b7cd2b05d328b9904abddeca1a959547a223704c8a6187163346dd372
SHA512: aad4729a3822363132857c36ed90f2129400233a4a58e02b2c258328425df824ade1f98529109fd6613a58a5da0732a7efea6bf01c14ae2160381ecdbc120bb4
SSDEEP: 96:MBghrsKQi9f520BN2bnqM3BqFnf7IBq6:kggJqyqGB+nTIBq6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e84c24eea5b70f0cb5c2a2c4d35f32ac_JaffaCakes118
Files
e84c24eea5b70f0cb5c2a2c4d35f32ac_JaffaCakes118.exe windows:4 windows x86 arch:x86
c6e17d8fc2642795ae9fc48816047024
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcatA
lstrcpyA
WideCharToMultiByte
CreateEventA
CompareStringA
CreateToolhelp32Snapshot
Process32First
WaitForSingleObject
CloseHandle
GetModuleFileNameW
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
GetModuleHandleA
SetEvent
ExitThread
GetProcAddress
CreateThread
user32
EndPaint
BeginPaint
DispatchMessageA
PeekMessageA
CreateWindowExA
TranslateMessage
MsgWaitForMultipleObjects
DestroyWindow
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE