4cf09d41082df468daf880a65066d347_JaffaCakes118 | Triage

Sharing

General

Target

4cf09d41082df468daf880a65066d347_JaffaCakes118
Size

99KB
MD5

4cf09d41082df468daf880a65066d347
SHA1

78bc2bd887ed8e08bcb3c7d238e9c7b8f67262c7
SHA256

5e74793d2c2d1738bbb12a0e89aba3a6d07e20694a279af9bec4e16a61d71085
SHA512

9b4ec9b423b2ecc5d23d4e02f6d561895d474d2b023b8b40e33b363290cf83a2006a359bb832b3950f9c0bdcc7ccacee2696d5775bdd81f0278524c26a2a22fc
SSDEEP

1536:A28OY87VwStU3xNDXkx/cxQwWOCLaxdhWk0LX9sE4N24V0QEMBIjgy4mutDgxjzi:q0+Stq2YQw1Ik0Bs2LjE0FnH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cf09d41082df468daf880a65066d347_JaffaCakes118

Files

4cf09d41082df468daf880a65066d347_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1c2d398e231bf3d42b93f1391c66f57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
ExitProcess

user32

GetDesktopWindow
GetMessagePos

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfwer
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE