35667cb101a94881320d35b384ea5336_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35667cb101a94881320d35b384ea5336_JaffaCakes118
Size

68KB
MD5

35667cb101a94881320d35b384ea5336
SHA1

cbbcf2a5bce32812ebdc636c5d0b5a016a371606
SHA256

cac341bf7379b3c0681be948b196ea30e3dcd7f0752e2cbffc0df5a2630ce51d
SHA512

df33bac329a4ab5bfb2f5faf0f9a37415f4bc2e32f8d8e8df096c3941ffe681c58b0945a775fb8baba600522584db19ecc2424816fe7baa293d93085520a005c
SSDEEP

384:mgyI5a54bLk4vBfanqU41dq54bLk4vBfanqU41ZcZgyI5a54bLk4vBfanqU41dqX:mgL8unBfa6qunBfaWcZgL8unBfa6quW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35667cb101a94881320d35b384ea5336_JaffaCakes118

Files

35667cb101a94881320d35b384ea5336_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a0c6b422e6972b8f4b9568de18d30aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
ExitProcess
GetStartupInfoA
lstrcmpiA
SetErrorMode
GetCommandLineA
CloseHandle
ReleaseMutex
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
WaitForSingleObject
CreateMutexA
lstrcpyA
GetModuleFileNameA

user32

LoadStringA
SendMessageTimeoutA
SetForegroundWindow
FindWindowA
MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ