Static task: static1
Behavioral task: behavioral1
  Sample: f311e38164f6d0de7c212ef4b8fd2b99_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: f311e38164f6d0de7c212ef4b8fd2b99_JaffaCakes118.exe
  Resource: win10v2004-20240226-en
General
Target: f311e38164f6d0de7c212ef4b8fd2b99_JaffaCakes118
Size: 5KB
MD5: f311e38164f6d0de7c212ef4b8fd2b99
SHA1: 55015de3e73b187156379d690aa0f968d51ca160
SHA256: 774a8016e4aea78c8bf6dac8b6babcff5f74df1a5f56a8a6feefb5413ffebabf
SHA512: 20b3cd4d604261aa27f58bfac5ba2fcc5c21fd0993f3fbc15f4ce4a1e4bc7e02cffeb27a21b63d30421859c34ceec45bee414f406bf6d43b550407c500d1844d
SSDEEP: 96:WC2LlaJXHS9L9o3oEURXss6RXs5I6j0w2lV:Uhx9o3oEUmJm5dj0pl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f311e38164f6d0de7c212ef4b8fd2b99_JaffaCakes118
Files
f311e38164f6d0de7c212ef4b8fd2b99_JaffaCakes118.exe windows:4 windows x86 arch:x86
50c8a8e579e8850170c99c5833934d06
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateMutexA
CreateProcessA
CreateRemoteThread
ExitProcess
GetCurrentProcess
GetCurrentThread
GetEnvironmentVariableA
GetExitCodeProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetWindowsDirectoryA
OpenMutexA
OpenProcess
SetFileAttributesA
SetPriorityClass
SetThreadPriority
Sleep
VirtualAllocEx
WaitForSingleObject
WriteProcessMemory
lstrcatA
lstrcpyA
shell32
ShellExecuteExA
SHChangeNotify
user32
FindWindowA
GetWindowThreadProcessId
urlmon
IsValidURL
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 974B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE