033c0de8b9cbd982e6d44a62e4abf211_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

033c0de8b9cbd982e6d44a62e4abf211_JaffaCakes118
Size

15KB
MD5

033c0de8b9cbd982e6d44a62e4abf211
SHA1

2b378de961adb6a70e27287872dfbc7608d9e209
SHA256

612b85fec433606a0b92c1418bd8c74ed5f34b11244d84f8b1315822aedbbcd3
SHA512

5acf3d5018fd42fec052c906eb6d49ffb477681ad1c3792f8fd99c0b210bf019f0d92bb3f9598b803e72e188d86fa2045982f5a711daea5f758437dc04259b20
SSDEEP

384:STC/oYXzv8EIM4PdNuDHX+QW8rhrErmHNqES3:P5LRk2+4hr3EES3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033c0de8b9cbd982e6d44a62e4abf211_JaffaCakes118

Files

033c0de8b9cbd982e6d44a62e4abf211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55c202a3d8b458194cace160261bd58e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfA

kernel32

GetModuleHandleA
lstrcpyA
lstrcmpiA
CloseHandle
CreateFileA
CreateProcessA
ExitProcess
ExitThread
FindResourceA
GetCommandLineA
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetTempPathA
LoadResource
LockResource
RtlZeroMemory
SetLastError
SizeofResource
WriteFile
lstrcatA

Sections

.text
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ