21a49d9bc45091c9a272c9ca3c3f99eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21a49d9bc45091c9a272c9ca3c3f99eb_JaffaCakes118
Size

94KB
MD5

21a49d9bc45091c9a272c9ca3c3f99eb
SHA1

1b4a1e041791f4cb4f9581c9c2262bd9e98591a6
SHA256

3a923872044ecdabfbe9ba6c6455d6896d401dd11fcf70655c5a32642701b6d0
SHA512

4ee456d55e9baf7e8cc9939afe924cd466a9299269739ff61c7a9677a0e11774df67602fd42974bb3c21eaa5c88267ce6b76bbbd427653b32abf10a9dd4be399
SSDEEP

1536:d/GRdWb6AlVputT/BoBNj/GRdWb6AlVputT/BoBN2:d/oWb6+/uJ/BCNj/oWb6+/uJ/BCN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21a49d9bc45091c9a272c9ca3c3f99eb_JaffaCakes118

Files

21a49d9bc45091c9a272c9ca3c3f99eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d7b736d5746949f9d5ed7dbc8205ca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
CreateFileA
TerminateProcess
ResumeThread
VirtualProtectEx
VirtualAllocEx
GetProcAddress
GetModuleHandleA
ExitProcess
GetFileSize
lstrcmpA
GetWindowsDirectoryA
ReadProcessMemory
GetCurrentProcess
GetModuleFileNameA
CreateThread
WaitForSingleObject
GetStdHandle
WriteFile
HeapFree
GetTickCount
CloseHandle
HeapAlloc
GetProcessHeap

user32

wsprintfA
MessageBoxA
wvsprintfA

advapi32

GetUserNameA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE