Static task: static1
Behavioral task: behavioral1
Sample: 4e1edad38234df40d46656190047d6f1_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 4e1edad38234df40d46656190047d6f1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4e1edad38234df40d46656190047d6f1_JaffaCakes118
Size: 5KB
MD5: 4e1edad38234df40d46656190047d6f1
SHA1: a8a55ce9f7e30c110b11b9d18c90a705c74074aa
SHA256: 5751291ff44c984af21aa387d3cee219489a4944a98941af394f5085031eba36
SHA512: e61d46bf9c7d9d4b0879970cc9e7b15e2684919ecae51336fc23cd0ee5521821872f57a2072b88a2f79912695bd2fe41048af7b3995ace390e8c2e9b0d9d158c
SSDEEP: 48:a51zte0M8q8cbByOAirymnPf5Vk4QsQQhJv4Q4+DJ+ugXtBdxHvBQGKi:r0hajrystBQwUOORHoi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4e1edad38234df40d46656190047d6f1_JaffaCakes118
Files
4e1edad38234df40d46656190047d6f1_JaffaCakes118.exe windows:4 windows x86 arch:x86
d608128efe0d8d54f5948e31e7c4a031
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WaitForSingleObject
CreateEventA
GetCurrentProcessId
FreeLibrary
ReleaseMutex
GetFileAttributesA
lstrcatA
GetSystemDirectoryA
WideCharToMultiByte
CompareStringA
CreateToolhelp32Snapshot
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
SetEvent
CreateThread
CreateProcessA
ExitThread
Process32Next
Process32First
user32
IsWindowUnicode
GetClassLongA
wsprintfA
CloseWindow
ShowWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE