4b0cf7491a7c4e0decda7134efc27732_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b0cf7491a7c4e0decda7134efc27732_JaffaCakes118
Size

352KB
MD5

4b0cf7491a7c4e0decda7134efc27732
SHA1

77cfa2f89f4ad65991704a083ce4f3b532b122ae
SHA256

c0c0e3093d4679c9757aa567894a13e223b0bb0aeed093fbd5c6f39dcb8068c8
SHA512

287693ebb030be7e220832da5fc741d831458fa958e07f935d753e40c2c8f11743a8a8dc7bc59f3fc984230c1dfdea6a88e7c747c5c574c2c8b80d420b829f1e
SSDEEP

6144:qdlX/010yye7Ngvj/QzbwWFfBfBqKioYfuEAmWZR/Kl2rrSF:KX/THeDbtfBdYGaS/+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0cf7491a7c4e0decda7134efc27732_JaffaCakes118

Files

4b0cf7491a7c4e0decda7134efc27732_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd6e353be8a870154ac1632e3e4c8de6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA

kernel32

lstrlenA
DeleteFileA
GetLastError
FormatMessageA
GetStdHandle
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetCurrentThreadId
GetTickCount
GetTempPathA
lstrcpynA
GetCommandLineA
Sleep
WaitForSingleObject

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE