47c21ba2f733f0ea89e51e20ff91a56a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c21ba2f733f0ea89e51e20ff91a56a_JaffaCakes118
Size

24KB
MD5

47c21ba2f733f0ea89e51e20ff91a56a
SHA1

915aeccf02b43c434ceb2be755599971ac8ece18
SHA256

5ee4ff6d7315778c3443d921541e86cc9224513820ec2f7099b53f79be75e76d
SHA512

d79ebfa7d3fd5ad3a9d848c75d8e8d3e9854098a5ee4d17593dc5b87cc845b66c97f18086999259e6060950881bccc11ef87680bccd35cebd3c24713eb009ced
SSDEEP

384:GGcWnuDQFctFLFNeLNek+vDtIGRzqWL2Fu0PtsS30MHrVhs:G08ttqWbCtnZhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47c21ba2f733f0ea89e51e20ff91a56a_JaffaCakes118

Files

47c21ba2f733f0ea89e51e20ff91a56a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14850ee9561261f335d81788498ef0be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetEvent
TlsGetValue
GetComputerNameA
CreateThread
GetModuleHandleA
PulseEvent
AddAtomA
HeapDestroy
DeleteCriticalSection
SearchPathA
GetDiskFreeSpaceA
ExitProcess
CloseHandle
Sleep
lstrcmpiA
GetLastError
ReleaseMutex
GetTickCount
ResumeThread

user32

CloseWindow
CopyImage
GetKeyState
CreateMenu
CopyIcon
GetScrollBarInfo
CreateWindowExA
EndDialog
DispatchMessageA
IsIconic
DragDetect
GetMessageA
EnableWindow
DialogBoxParamA

hlink

HlinkResolveShortcut
HlinkNavigate
HlinkTranslateURL
HlinkClone
HlinkIsShortcut

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ