4b8711163344b3d02b752558f883d7d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b8711163344b3d02b752558f883d7d6_JaffaCakes118
Size

123KB
MD5

4b8711163344b3d02b752558f883d7d6
SHA1

22d5c363e2fa49d3493814682bafe09d9f0c39ae
SHA256

5294c8022fc8aea847c9bcd2ea725eb521c762e6afa649b45a8cf3af964689aa
SHA512

009f57e8ee9b2106d184fa6b096e3ed6db864228204a0163121247369ca562be4f149dcd43cdd49031b95cdb60461af24478ae2c677281317aa2b332c6dc2d2d
SSDEEP

1536:LEP17Ma5i/XF3XrbgA+G9Kk3a3xtbBnXg0dxB3W/cVC4rp9ajBY5elM2hY:YP/iPFnrUAtAPBI5KpUjKelG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b8711163344b3d02b752558f883d7d6_JaffaCakes118

Files

4b8711163344b3d02b752558f883d7d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f3eb218f5117152444b5a7a0671d89d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 43KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 17KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 44KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE