Static task
static1
Behavioral task
behavioral1
Sample
4755775172170d401066b7e07ad8607c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4755775172170d401066b7e07ad8607c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
4755775172170d401066b7e07ad8607c_JaffaCakes118
Size
14KB
MD5
4755775172170d401066b7e07ad8607c
SHA1
a9cd294461a43f41261b818013e779f45e4a4aa3
SHA256
8cbe50e97366bc8d9a05eefcf3753ab5c821552a99dcc33569b371c23efdfadd
SHA512
5d6a76503e6a01ef5a81efc0b738dcbd78b24d09a70f8dc40a294a723855bef5e96035475fac207407ce1d0cb818ab7c2dfa0e65f43e79067be065ed08897b1b
SSDEEP
192:gwNe7+WBQBfDAgb3KaA+fzrFW5xxy8fwSWNNtoeodHuIv:VNeKWyBDAgb3KD+bruwxNLo5dOIv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4755775172170d401066b7e07ad8607c_JaffaCakes118
Files
4755775172170d401066b7e07ad8607c_JaffaCakes118.exe windows:4 windows x86 arch:x86
5afa41ab7ed2a2f7eaf1cb09dbcbd5d5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
GetLastError
GetModuleHandleA
GetCommandLineA
ExitProcess
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
RtlZeroMemory
RtlMoveMemory
CreateFileA
WriteFile
CloseHandle
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
FlushFileBuffers
user32
GetDlgItem
SetFocus
EndDialog
SendMessageA
SetDlgItemTextA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 504B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ