Static task
static1
Behavioral task
behavioral1
Sample
4830a3ab0036195d8180db16b822464e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4830a3ab0036195d8180db16b822464e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
4830a3ab0036195d8180db16b822464e_JaffaCakes118
Size
43KB
MD5
4830a3ab0036195d8180db16b822464e
SHA1
938ac28b4a6e618bd3e72bf87971218ee4e6626a
SHA256
d6fd820fb26fbf2d3ded97eda71e4b340903202e62540e9bb3b59ac98ae72940
SHA512
b0baa3da7be1ba34b55cea61d9820af4a69e66dac9e236bf7b5ed464cf05dcd74afb1caf52dabce802cda61237bf8df7ef0f35966ea18cc627d2471b77fffbd7
SSDEEP
768:HK2W8DeMV0MTik8qBEyyEvNOCwtC3dPXMfAYxL/5NVyJWBP4rF7kvluPWQg:qODeMiMrljzvetC3dP8fVxlNCWxYF7mO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4830a3ab0036195d8180db16b822464e_JaffaCakes118
Files
4830a3ab0036195d8180db16b822464e_JaffaCakes118.exe windows:5 windows x86 arch:x86
786c97af7ae388903971976f33435e4d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDriveTypeW
ReleaseMutex
DisconnectNamedPipe
HeapAlloc
lstrlenA
SetFileTime
CreateProcessW
SetEvent
OpenProcess
MoveFileExW
SetEndOfFile
UnmapViewOfFile
CreateEventW
lstrcmpiA
GetUserDefaultUILanguage
FindFirstFileW
CreateThread
SetFileAttributesW
CreateMutexW
CloseHandle
FlushFileBuffers
lstrcpynW
GetCommandLineA
FindClose
GlobalLock
HeapFree
lstrcatW
GetCurrentThread
SetThreadPriority
EnterCriticalSection
GetTempPathW
SetLastError
user32
GetWindowTextW
SendMessageW
GetWindowLongW
Sections
.nal Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mvwv Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mzilcb Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ