Static task
static1
Behavioral task
behavioral1
Sample
fe5f76685e07fb58437dae6c77b0a830_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fe5f76685e07fb58437dae6c77b0a830_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
fe5f76685e07fb58437dae6c77b0a830_JaffaCakes118
Size
14KB
MD5
fe5f76685e07fb58437dae6c77b0a830
SHA1
a595c084356960c093de81cc75fa44796c16af5d
SHA256
45a849fa4ef1b773b809d545a7f015e4c995ff9799acdab80d77888ebe0d372b
SHA512
a71af1bab6c0789c54bd25d277be965f1a2b98fd2d9d5f37f8421ea4abfc44e3e2bb5cb0bc71f331b8d549a7d91ceaef2b36c5996e5b22f7780d0211a8ef75dd
SSDEEP
384:WpctE/I+hjbqitkaaCNwkQH4DYUkCcarPML1sK:WpctEQ2qitkUwkQH4DYUkeML
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fe5f76685e07fb58437dae6c77b0a830_JaffaCakes118
Files
fe5f76685e07fb58437dae6c77b0a830_JaffaCakes118.exe windows:4 windows x86 arch:x86
ef6994da032f8452f59ad4ffbb587df4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetCurrentProcess
GetFileAttributesA
CloseHandle
CreateEventA
GetProcAddress
CreateFileA
lstrlenA
GetModuleFileNameA
PulseEvent
LoadLibraryA
lstrcpyA
SetFilePointer
ExitProcess
WaitForSingleObject
SetEvent
WriteFile
ExitThread
GetVersionExA
CreateThread
GetTempPathA
ReadFile
lstrcatA
user32
DispatchMessageA
SetThreadDesktop
ShowWindow
PeekMessageA
CreateWindowExA
TranslateMessage
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
wsprintfA
CloseWindow
BeginPaint
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ