41a23fbd992e4b83ade6cf6e9d136fe8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41a23fbd992e4b83ade6cf6e9d136fe8_JaffaCakes118
Size

21KB
MD5

41a23fbd992e4b83ade6cf6e9d136fe8
SHA1

4e46b3a9d3c56b39d08656da09898dc25d4af35c
SHA256

9fa6d4d70f25b8c6422c9592eca35b4d5aec57b4f314a3a76d939c3b04931b33
SHA512

fbd15bcc7fb28ceae78f28ffd2e4b3634b4f82c8c9e4e4adbb55bf9e49151163bc4632e6608d63e1bf7532c46827a32f2d968355c69c417615d32ae35082a5e2
SSDEEP

384:cQD/HKIujcA7ew6UKycDzJYKtgOl0fG34o:1/KIujzRcDzJNtJl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41a23fbd992e4b83ade6cf6e9d136fe8_JaffaCakes118

Files

41a23fbd992e4b83ade6cf6e9d136fe8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25fb89a3d88211c8faec185046551e86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetProcessHeap
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
ResetEvent
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
CloseHandle
GetTempPathA
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
RtlUnwind
ExitProcess
SetEvent
CreateThread
GetVersionExA
WriteFile
ExitThread
CreateFileA

user32

DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
GetTopWindow
wsprintfA
IsWindow
ShowWindow

shell32

SHGetFolderPathA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ