442ea51bc195162ccaf8722be524e22c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

442ea51bc195162ccaf8722be524e22c_JaffaCakes118
Size

53KB
MD5

442ea51bc195162ccaf8722be524e22c
SHA1

50dfec2ce06a4dcdbf9ede560b6762c5efc21e4e
SHA256

14d0573f8f7e82340b5d4e96ff96b9400705abc776289142d80ae10098b94fa8
SHA512

fd47cae8a805ad5da6dd67aa19f5e8580ff3724d84cce817e2aec72518d6bbb029d6c9e26e88b51f8dc056365fa40ab11ea621dfd4f9e741bfc0ff2a8fd838fb
SSDEEP

768:UCtAq1lVuJKfO1UTFSRM5Q/6ANtB36bw2iYLTyymErEJY+YZGPWL:UqlgJKf5kREQ/tJ36bw2iSjrEG+GL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
442ea51bc195162ccaf8722be524e22c_JaffaCakes118

Files

442ea51bc195162ccaf8722be524e22c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c776074dc5e4f9c812bbbd67fcd87e34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
Process32Next
lstrcmpA
CloseHandle
Process32First
CreateToolhelp32Snapshot
GlobalFree
WriteFile
CreateFileA
lstrcatA
lstrcpyA
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
ReadFile
GetFileSize
GetProcAddress
GetPrivateProfileStringA
GetEnvironmentVariableA

user32

PostQuitMessage
DestroyWindow
UpdateWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
ShowWindow
DispatchMessageA
TranslateMessage
PeekMessageA
SendMessageA
FindWindowA
LoadIconA
DefWindowProcA

shell32

ShellExecuteA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ