Static task: static1
Behavioral task: behavioral1
Sample: 006f9814ac5465b164aa8b926aeed68e_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 006f9814ac5465b164aa8b926aeed68e_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 006f9814ac5465b164aa8b926aeed68e_JaffaCakes118
Size: 18KB
MD5: 006f9814ac5465b164aa8b926aeed68e
SHA1: 078256cf038913adb521821b97af711635811a63
SHA256: 39c0e335ebbf82865c3be8b344767dd5719023399fe84eb18b6b3fd1e0a1e82c
SHA512: 7d525393432d3c0ed41e69173abff63d30d0c8334e4ed95f49fa4a2460725e762983ee63ff88ad4dd6c2bbaeb9648e122005b844f4ddea402fdc0f0ed0381b44
SSDEEP: 384:hYc77/imDKtrJfQV5+T8SY+JPe76uUAKcul0szto:acv/iTtg+n1SKl0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 006f9814ac5465b164aa8b926aeed68e_JaffaCakes118
Files
006f9814ac5465b164aa8b926aeed68e_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f450966ff746f7074df7b77b5b69b99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
CreateFileA
user32
wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
BeginPaint
IsWindow
CloseWindow
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ