0d6d427233cdbca7a23e8ba90b2d4b27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d6d427233cdbca7a23e8ba90b2d4b27_JaffaCakes118
Size

5KB
MD5

0d6d427233cdbca7a23e8ba90b2d4b27
SHA1

c3f8a17a3ca153ad5558a5078f747890d7ba99b0
SHA256

3b4d30828992a45d4127392ad4ae46f42dfd58a2e95aaaed667f3bb1930f3852
SHA512

639a781e438a1a24aad8861fa069b1ab3383a15a1446f1e96c8a026649a6638e7eb1bee851a3f990b0e9da8fc2615509628b8c18f156a509e6076cff16f1db53
SSDEEP

96:YEgQnS8nSDTc55CcdProzhiuPSv7dQczx5arUa+lrY:vgQS8SD/eotdP6+clArB+RY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d6d427233cdbca7a23e8ba90b2d4b27_JaffaCakes118

Files

0d6d427233cdbca7a23e8ba90b2d4b27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57e8c5cf2967c3b250472ecbd21ef326

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strstr
strncpy
rand
_snprintf
exit
_endthread
_beginthread

kernel32

GetModuleFileNameA
GetTempPathA
GetModuleHandleA
SetFileAttributesA
CreateFileA
WriteFile
CloseHandle
MoveFileExA
Sleep
ExitProcess
WaitForSingleObject
CreateMutexA
SetErrorMode

user32

IsWindow
FindWindowA
GetMenu
BlockInput
SendMessageA
SwitchToThisWindow
keybd_event
GetWindowTextA
VkKeyScanA
MessageBoxA
FindWindowExA

shell32

ShellExecuteA

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE