3b16ce14b1cfbc2270e79855d569d991_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b16ce14b1cfbc2270e79855d569d991_JaffaCakes118
Size

3KB
MD5

3b16ce14b1cfbc2270e79855d569d991
SHA1

712665016cdd5e75a7a96d4e40c800f9f73efc97
SHA256

d25de200b7a275de021072faf32a6cc794aeb17f2a259cd75f36d5b5431c7cb6
SHA512

636069b160850ac2173445df8673fa4408be7581b5b6b94a2d874d97469e62c92aaa29287bb0afa872bfac50ba525ad678c85c1824da854b25b378df5d59a3e2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b16ce14b1cfbc2270e79855d569d991_JaffaCakes118

Files

3b16ce14b1cfbc2270e79855d569d991_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22bc890af78639c01c068825971fe12b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WinExec
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
GetTickCount
GetCurrentDirectoryA
Sleep
FreeResource
SizeofResource
CreateDirectoryA
LockResource
LoadResource
FindResourceA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA

user32

FindWindowA
PostMessageA

shell32

ShellExecuteA

msvcrt

rename
strrchr
sprintf

Sections

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ