364f9c4c329cff6c3fcea6516014d743_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

364f9c4c329cff6c3fcea6516014d743_JaffaCakes118
Size

8KB
MD5

364f9c4c329cff6c3fcea6516014d743
SHA1

ffaee24ddd8c65c494abb149ed397f20dd641b37
SHA256

7907be64c4ee594d2afade8b4eed2b4f2ad3bd1f905742cb44a5d32c802b4e59
SHA512

78eda78fd9ecf0ea914c1bb0d8b2b4751109108b73d365b44a5145a72cd46985c08fdd5ef19e1fd085a7adaa7cd86e7a0c1608543c65e8e4e928ba69bfd873c0
SSDEEP

48:i/cLVpkWpk8xgPT7cwW8K+BhKk8gRlD4HqrRVMAHzyk+FXBec77aRC:ecLDDTabhK+sKbMYzH2XBd77a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
364f9c4c329cff6c3fcea6516014d743_JaffaCakes118

Files

364f9c4c329cff6c3fcea6516014d743_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b092ec3a0b72e06f14972f2f4ee212a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetProcAddress
LoadLibraryA
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
OpenProcess
Sleep
GetWindowsDirectoryA

user32

GetWindowThreadProcessId
FindWindowA

Sections

Amoeba
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE