427cde0fa60cf5f7dbf91b59063622d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

427cde0fa60cf5f7dbf91b59063622d5_JaffaCakes118
Size

1.7MB
MD5

427cde0fa60cf5f7dbf91b59063622d5
SHA1

58ebc32e659237943910c025cb64452a57d4f127
SHA256

bfc33780d661400025abdb4ad94ef5c5f92eff71e35ff6ce2ab138d7bd34708c
SHA512

d7b2337fb95aa891cbb98ae39420b70fcbe73859be67d8e5892f0df517e7fa1352632dff268f91f2048051d0b595d01138f854fc95f6591000699a2a30d024db
SSDEEP

49152:pjHQYYdPW8QjFcmtORRbsu4t1WjV9kqkkkkkkkkku9jPzvuXCkqkkkkkkkkk:ZwYYdPW8CFcA4bsNt1iZHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427cde0fa60cf5f7dbf91b59063622d5_JaffaCakes118

Files

427cde0fa60cf5f7dbf91b59063622d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fa4efd4a20bf6d148b5ca8ca179b3ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ExitProcess
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreateDirectoryA
SetFileAttributesA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ