869bf352e50ced9ad0bcefa4594e6984_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

869bf352e50ced9ad0bcefa4594e6984_JaffaCakes118
Size

6KB
MD5

869bf352e50ced9ad0bcefa4594e6984
SHA1

4251f908630d9dc8b1e5807ded66a4e41e96d7cf
SHA256

766fcfd8f57d35ce7b6d7441c1ca7d524379f267089581a65960bc73f1ae5cc1
SHA512

47de74c424aaa1425387a44d2b458c7b3c765357a4f31b7524f7d766e201aecfa18f8ad3a7f6fb4efa51941672676b058c5ae4c39a97366d0a8ed3820e6a1251
SSDEEP

96:Z1serMbMohNqpB6upyKMznZpiAqarswvpXSVVCYkXolmJQ:oewAohNq/TUjkVWQmi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
869bf352e50ced9ad0bcefa4594e6984_JaffaCakes118

Files

869bf352e50ced9ad0bcefa4594e6984_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b1037fd5f233bc5127f009441eb2a505

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateMutexA
CreateToolhelp32Snapshot
ExitProcess
GetCurrentProcessId
GetLastError
GetModuleHandleA
GetProcAddress
LoadLibraryA
OpenProcess
Process32First
Process32Next
RtlZeroMemory
Sleep
TerminateThread
VirtualAlloc
WaitForSingleObject
lstrcpyA
lstrlenA

user32

ShowWindow

Sections

.asdasi
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c231asc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ