4223d0025115e786fa0983d157bf7055_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4223d0025115e786fa0983d157bf7055_JaffaCakes118
Size

103KB
MD5

4223d0025115e786fa0983d157bf7055
SHA1

3c428089fe688b924823b54ae44daf1036120e02
SHA256

c04b577d600464a0df546399683f69bd360de5cb250f5a44da89e1cd2141b006
SHA512

fad522a88c43664b14a3d7fe8bc2ca5817c83f93e5ff9d10ea6abb406ad6c9c1f31ebcb4fe354370a987ef1361885c63bda5a636c71114239e7e90664798297e
SSDEEP

1536:D7clCnlct2/cStNNqFva2pSjKo3p/9NXAX2JBxurj85VaQxBHabtG:D4lCnlcMN2/gTNXAX5/GVaIlV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4223d0025115e786fa0983d157bf7055_JaffaCakes118

Files

4223d0025115e786fa0983d157bf7055_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a5537962ba0bd7761ea587a7ba67b968

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
CloseHandle
DisconnectNamedPipe
FindClose
GetCurrentThread
SetLastError
GetCommandLineA
SetThreadPriority
lstrlenA
lstrcmpiA
SetFileTime
lstrcatW
GetUserDefaultUILanguage
WriteFile
CreateThread
GlobalLock
ExpandEnvironmentStringsW
CreateFileMappingW
GetSystemTimeAsFileTime
GetTempPathW
EnterCriticalSection
CreateEventW
CreateProcessW
GetTimeZoneInformation
SetEndOfFile
MoveFileExW
GetSystemTime
CreateMutexW
SetFileAttributesW
OpenProcess

user32

SendMessageW

Sections

.rcn
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.juj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fsfef
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ