Static task: static1
Behavioral task: behavioral1
  Sample: 4d294832451e37b070b1776d0e1ddf1a_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 4d294832451e37b070b1776d0e1ddf1a_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 4d294832451e37b070b1776d0e1ddf1a_JaffaCakes118
Size: 1.2MB
MD5: 4d294832451e37b070b1776d0e1ddf1a
SHA1: b0328da0e8069bee3de0f955b36630cf47df9b09
SHA256: 166446ed2d73343b5d0eef42fd9cb1f44373f55fb28523d2a12ca0852d63715a
SHA512: 4ec01d76ca08fdc0cde62b9570a36bc6331b4b06f81481ebe172d228596d231ee81e663fa9acaade19123fbd5a06c5aa6c6b2b86c493a6a538af3b3f5a7c01ea
SSDEEP: 24576:xosRAevUE/hv6YQIAajlMBFI6vGDuXIj1L4Otdae1dppvCDRJBVX0hmVQd:xsYXhv6YQIAYlMB6LDWyrtY93bkR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4d294832451e37b070b1776d0e1ddf1a_JaffaCakes118
Files
4d294832451e37b070b1776d0e1ddf1a_JaffaCakes118.exe windows:4 windows x86 arch:x86
f1cad98d47ccd4c866552b222732a801
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetWindowsDirectoryA
GetProcessHeap
HeapFree
ExitProcess
ReadFile
WriteFile
GetLastError
SetFilePointer
DeleteFileA
GetModuleFileNameA
CreateDirectoryA
lstrlenA
GetTempFileNameA
lstrcatA
HeapAlloc
GetTempPathA
GetStdHandle
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
lstrcmpA
CreateFileA
user32
wsprintfA
MessageBoxA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 752B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ