4423cb65d61330455ff1db082ab81daf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4423cb65d61330455ff1db082ab81daf_JaffaCakes118
Size

322KB
MD5

4423cb65d61330455ff1db082ab81daf
SHA1

45fca3f41c0ffbf428661cca17213f21ec364db4
SHA256

54f9416e8c43f689ade5b6ed84dd668117b5b5f3186c5eadfbfc9c7c3df7efa7
SHA512

9b384cdb62dddf0750398727a0ecc9f4c4a30eea9977e0216086beba1a00b8b024f609d7a4d2e72da2eb47a76f38be8dc36a860e3bebb42c6e5b968198927ac2
SSDEEP

6144:Lq0M8OQAO5WSocVxgGcj/v0SmmVNi2ADlVGoKoF1aC0bB1YMM3Ad6W:20IEScVfk0N2NQjUTnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4423cb65d61330455ff1db082ab81daf_JaffaCakes118

Files

4423cb65d61330455ff1db082ab81daf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab7a86cd1dab873f80276a2b3701dafb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardLayout

shell32

SHGetSpecialFolderPathA
ShellExecuteA

shlwapi

StrStrA
StrChrIA

kernel32

GetCurrentDirectoryA
lstrcatA
WriteFile
Sleep
SizeofResource
RtlZeroMemory
LockResource
LoadResource
CloseHandle
CopyFileA
CreateFileA
ExitProcess
FindResourceA
GetVersion
GetModuleHandleA
GetTickCount
lstrcpyA

urlmon

CoInternetCompareUrl

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE