488a4d53470334c13dec9cc1aae4bcd4_JaffaCakes118 | Triage

Sharing

General

Target

488a4d53470334c13dec9cc1aae4bcd4_JaffaCakes118
Size

8KB
MD5

488a4d53470334c13dec9cc1aae4bcd4
SHA1

177f74afba6e4deee69a44c732bbed4b29c95a9a
SHA256

43357498228cf5c29c4623db0b1e7f8c23f60c7db8c023c58ea4852db1d8c379
SHA512

f4e15141d9b8df644c88885401b0e0d80e49fa6dbe940c690f1f4d86bc6f98d6df6c0a8869fc47d568c76ac8f6940f46de2c76185ac2751c8281e1d18b25dd45
SSDEEP

192:M8Zv/m0kV/jAuMY1m+mieWqxMoPZUo4W2n59zIieqEUK:M8Z20kVrApom+m0qxzIrhtEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488a4d53470334c13dec9cc1aae4bcd4_JaffaCakes118

Files

488a4d53470334c13dec9cc1aae4bcd4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c50b9e50c14e5b1bd4dc8e2cf652e6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
HeapFree
GetTickCount
GetCommandLineA
SizeofResource
HeapValidate
HeapAlloc
lstrcmpiA
GetProcessVersion
WaitForDebugEvent
DuplicateHandle
lstrcpyA
LoadLibraryA
FreeResource
DosDateTimeToFileTime
GetOverlappedResult
GetThreadContext

user32

ShowWindow
GetSysColor
SetRect
TranslateMessage
GetMessageW
DestroyWindow
EndPaint
IsWindowVisible
ValidateRect
DispatchMessageW
PostMessageA

gdi32

DeleteObject
DrawEscape
GetObjectA

Exports

Exports

_Kill_Thread@4
_SellThatThing@8

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ