4caf8e299394ef5233b5504df633714e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4caf8e299394ef5233b5504df633714e_JaffaCakes118
Size

291KB
MD5

4caf8e299394ef5233b5504df633714e
SHA1

257b1a2d2639cde93b1d796ca28fd2f90be7d5d4
SHA256

143ac334cf6e0e3e9f57b4614f92148d1fa9ceb795a92b8bf9b5f223d27fd0c2
SHA512

0919d00f0ef267e6b9d07a0076049344e16b73d24e3f4f4ae2c296e4f8bd628da71c1b9e6dff90d479352f3e0af768c827369c867c9d3492c11abb188eb03b51
SSDEEP

6144:UFAVFPNkvHO1M6I9of31Ly9YRPOKkMbrVWxiMZPcjDL4d7dr:WSBDIYd8KkMbrYMKcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4caf8e299394ef5233b5504df633714e_JaffaCakes118

Files

4caf8e299394ef5233b5504df633714e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b9fbbe2f6f952b53b643b6be207746f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
GetCurrentThread
GetFileAttributesA
GetThreadPriority
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

CallWindowProcW
CheckDlgButton
GetAsyncKeyState
GetForegroundWindow
GetWindowThreadProcessId
IsMenu
LoadMenuW
UnionRect
WaitMessage

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ