23498f5efcbcbd740bcf1a8af5ac3fb9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23498f5efcbcbd740bcf1a8af5ac3fb9_JaffaCakes118
Size

51KB
MD5

23498f5efcbcbd740bcf1a8af5ac3fb9
SHA1

c4d069cc8934d20d729bd9b796a9fec7fdd4106d
SHA256

d22e8176bda3ce9bc0ae40dd854bad0ac1b38f0bd784520bc3df2f4e476c5469
SHA512

a9cfa57df91ceabdadc8b25f8f7e70f70ecde4bb1dea9eefba75a028d17d02e93f2dcdec75fc32873524b2577547673e175b6dd9e6d03579584c61dbf96fa6a9
SSDEEP

768:A8RCjMmFG4uJRjhaPQsZSFBu0NU2/yhgdAc2VP:e/SR5sZqBL/ygmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23498f5efcbcbd740bcf1a8af5ac3fb9_JaffaCakes118

Files

23498f5efcbcbd740bcf1a8af5ac3fb9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

8f67d8f8bd852a13c45e83321b7dbec1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
RtlUnwind

user32

GetClientRect
LoadCursorA
TranslateAcceleratorA
LoadIconA
LoadAcceleratorsA
MessageBoxA
LoadStringA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
SendMessageA
RegisterClassA
PostMessageA
PostQuitMessage
ShowWindow
CreateWindowExA
DefWindowProcA

comctl32

CreateStatusWindowA

crtdll

_iob
_itoa
__GetMainArgs
abort
exit
fwrite
memset
raise
signal
strcat
strchr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 300B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 292B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_win
Size: 308B - Virtual size: 308B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.test
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE