22ccc24ade72015bab2f78f6ab0afcbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22ccc24ade72015bab2f78f6ab0afcbe_JaffaCakes118
Size

289KB
MD5

22ccc24ade72015bab2f78f6ab0afcbe
SHA1

d112d3886d5f2b3815e81301faef4e9603085116
SHA256

c99aa3f0c5231aa905dd8c2a26b540879280dc80a60287403c5d4678ab1995b5
SHA512

99cb22535f2bcce67e0160aa2e43eb9438a3407ac6fcab774c4efead99c54a4213f9a9535f13e76b55f5bdcab6332098b70d8e74734200cd9d6ef51b44166cf6
SSDEEP

6144:UC8DFMgw4JXah7Q6Br5OE463VHduonmx5b:4hMwY1SEdionmx5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ccc24ade72015bab2f78f6ab0afcbe_JaffaCakes118

Files

22ccc24ade72015bab2f78f6ab0afcbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc9bf1b92d9f3a69797f389d92f67375

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

shlwapi

StrStrA

kernel32

GetProcAddress
lstrcpyA
lstrcatA
WriteFile
Sleep
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
LoadLibraryA
LoadResource
LockResource
SizeofResource

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE