165eee09e9cbb8d783229faceee202d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

165eee09e9cbb8d783229faceee202d1_JaffaCakes118
Size

27KB
MD5

165eee09e9cbb8d783229faceee202d1
SHA1

e3cf84e5199cd52963f0f43f710dc6e899598fec
SHA256

c583394a1fc2ac439ccb2706144b7574fe8f1701aefa4875ae3be29390527c00
SHA512

f60105292b22c5fc61cbfd1d9dd34df5a6952702df14f5855f36f2ba69af084ba257f85d773a154cbb024535b51935bd3b24b00ca9eb449a6c7288c043d79c75
SSDEEP

768:YZXExYZsoNy6An1zNzz6VddEvOqLLL5TIfZwgDiQks:+5szhzx7nLhIfZ9Di

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
165eee09e9cbb8d783229faceee202d1_JaffaCakes118

Files

165eee09e9cbb8d783229faceee202d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3200f98c78dc9f1c321d69161a1b8cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetModuleHandleA
GetProcAddress
InterlockedExchangeAdd
RtlZeroMemory
VirtualAlloc
lstrlenA

user32

CreateDialogParamA
EndDialog
GetWindowRect
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
SendMessageA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ