Static task: static1
Behavioral task: behavioral1
Sample: 47464580a1b77e47b3b0fe073afdf029_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 47464580a1b77e47b3b0fe073afdf029_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 47464580a1b77e47b3b0fe073afdf029_JaffaCakes118
Size: 7KB
MD5: 47464580a1b77e47b3b0fe073afdf029
SHA1: 2f7130e27b5ca8950af4aad8f9b8c5ba6189d382
SHA256: bf4b9579b3f3490730c7cc2ef2dda97dccef0993a518e7e56f41202ca2f407cc
SHA512: fadfe4c8cf2fedaaa901a0785f4443657b3e2ef97042b8cc19804c1697be010d7157ab413332f925fae23162716ae55e745e962482a33119a372913d3d707eea
SSDEEP: 96:GMgQSM1g/Hv4S79OD2J+4G6L9F79klhtaa8ffc0wheuJxBdHDQ4CO:ZgV4ShkF67wK3wIoxBdHEjO
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 47464580a1b77e47b3b0fe073afdf029_JaffaCakes118
Files
47464580a1b77e47b3b0fe073afdf029_JaffaCakes118.exe windows:4 windows x86 arch:x86
7ebbb38de4cd1d49ee2b1eae87b5e3b4
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: GetCurrentProcess, GetModuleFileNameA, Sleep, lstrcatA, lstrcpynA, lstrcpyA, CloseHandle, GetLastError, Toolhelp32ReadProcessMemory, Process32Next, lstrcmpiA, OpenProcess, Process32First, CreateToolhelp32Snapshot, CreateMutexA, GetSystemTime, lstrlenA, CreateThread, SetLastError
user32: DispatchMessageA, MessageBoxW, MessageBeep, MessageBoxA, GetMessageA, TranslateMessage
advapi32: AdjustTokenPrivileges, OpenProcessToken, LookupPrivilegeValueA
msvcrt: memchr, _strrev, _swab, abort, _memicmp, sprintf, exit, fseek, fclose, fflush, fprintf, fopen, fread
winmm: timeKillEvent, timeSetEvent
psapi: GetModuleFileNameExA
shlwapi: PathFileExistsA
wininet: InternetOpenUrlA, InternetOpenA, InternetCloseHandle
Sections
.data (Size: 6KB, Virtual size: 6KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE