3e526fc1cee5a125c04704ddf126dae6_JaffaCakes118 | Triage

Sharing

General

Target

3e526fc1cee5a125c04704ddf126dae6_JaffaCakes118
Size

20KB
MD5

3e526fc1cee5a125c04704ddf126dae6
SHA1

bd1c7afe5698e012b13babe4f872bc5c0dc4f13e
SHA256

94348c43ef2dbdb6bb3fdd287b5ae2093acc94540660e7d24cccbb2438e47104
SHA512

97b9e1bcda76a6a49191338404460bd448a952bd9fe8f8e85e57e47bcfef906cc9cd187c0987c39dec9e349c01fbd2134d613f7ea5b7326fceeeded6af4644b7
SSDEEP

384:Ezt0f4c11ZqlRaVKxZjjcjxkK2QOl0szto:pf4foKjjclJ2Zl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e526fc1cee5a125c04704ddf126dae6_JaffaCakes118

Files

3e526fc1cee5a125c04704ddf126dae6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74cb5a32651a0d20533542b271aff535

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcessHeap
GetFileAttributesA
GetTempPathA
CloseHandle
GetProcAddress
SetFilePointer
CreateFileA
lstrlenA
GetModuleFileNameA
SetEvent
LoadLibraryA
lstrcpyA
CreateEventA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
lstrcatA

user32

wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
EndPaint
IsWindow
CloseWindow

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ