60f559b0f625dc7afb43fc19366720e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60f559b0f625dc7afb43fc19366720e3_JaffaCakes118
Size

137KB
MD5

60f559b0f625dc7afb43fc19366720e3
SHA1

2610b7eff5959883e9ed19c39aadc10569b8e2f3
SHA256

ddd4e170fca9f2248c78636fbe0691eac6f0566faabd234f9d8fe2693b85c0a9
SHA512

1a75e818b1d8a4a4e0e59a3d1ad941d1f4d578845339768876a9492f29089ca89ff8acd2083d2a72d81d14a7a744dbeb3894514617a215d7aa25cf04fb01e835
SSDEEP

3072:7w8XrEKPQimo6ouBtcBDiaqAo9ZIncgg6/xgugPfTWYFvn:sLSucBDiaqANncgbyrTZhn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60f559b0f625dc7afb43fc19366720e3_JaffaCakes118

Files

60f559b0f625dc7afb43fc19366720e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f4bb95a2ed29767e199a8a83e34ea89d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
ExitProcess
GetModuleHandleW
GetStartupInfoW
GetCommandLineW

user32

FindWindowW
PostMessageW

shell32

SHLoadInProc

Sections

.text
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 54KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE