3707c8176d7c980cba781927d20755a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3707c8176d7c980cba781927d20755a6_JaffaCakes118
Size

177KB
MD5

3707c8176d7c980cba781927d20755a6
SHA1

b88c7774837525cf5b8ef776be0cea457511beac
SHA256

a09aabe95f79b68f3f7e994d7a84831a934ddcf2f6e2e3dfa9260b217e75f06a
SHA512

83f01003b0fd83d9752e67cad5ab94f4ef241c98390e2677aba0d53459a5d2a3daa7cb4c469b457990699dec102bb90ce1ef9bbef04f7136e44bb867bb19d673
SSDEEP

3072:YQTJK5crdCqlnW/bjhM1rv4cr4Gf0gUjWo2dh692c9NkkbX0dxQwJt1:TTJvvQTjQA64GMWoO6nqxQe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3707c8176d7c980cba781927d20755a6_JaffaCakes118

Files

3707c8176d7c980cba781927d20755a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4ff4e9520d2b9d618be12fecec0c0ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
DeleteFileA
Sleep
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
LockResource
lstrcpyA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA

lz32

LZCopy
LZOpenFileA
LZClose

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ