Static task: static1
Behavioral task: behavioral1
Sample: 351daf87c1c60a4f35f6e71296c84348_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 351daf87c1c60a4f35f6e71296c84348_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 351daf87c1c60a4f35f6e71296c84348_JaffaCakes118
Size: 6KB
MD5: 351daf87c1c60a4f35f6e71296c84348
SHA1: fb961799767062f2be11f2cb1df6bbc84be2bdfd
SHA256: d6fde4ea658bec865010d84bc53c929cd4c411f88cf2efaade5fb0a043219144
SHA512: 82e39c4ab35be89b55b393fd09c02b1ec432254cff50f0a887bf176baa22d3b6e692b8d8effc7872acc47945157024fc36ae33861dbc835eb2c09d9bd069a484
SSDEEP: 96:oB9DQCI9DJnDlnFifdJbjhFn3WfHbzdEoHgjToQuCH8r3pDn:ODS9DJD9FiVrFGf7uo4cQH89
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 351daf87c1c60a4f35f6e71296c84348_JaffaCakes118
Files
351daf87c1c60a4f35f6e71296c84348_JaffaCakes118.exe windows:4 windows x86 arch:x86
ffbf75c597767d11b953d3c218735cdd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crtdll: memset, strlen, strcpy, strcat
user32: wsprintfA, MessageBoxA, GetWindowThreadProcessId, IsWindowVisible, IsWindowEnabled, GetForegroundWindow, EnableWindow, EnumWindows
comctl32: InitCommonControls
kernel32: GetModuleHandleA, GetCommandLineA, ExitProcess, HeapCreate, HeapDestroy, HeapAlloc, HeapFree, GetCurrentThreadId, GetCurrentProcessId, WaitForSingleObject, HeapReAlloc, CreateFileA, CloseHandle, ReadFile, SetFilePointer, GetFileSize, WriteFile
shell32: ShellExecuteExA
Sections
.text Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.flat Size: 512B - Virtual size: 90B
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE