65229112523452900f6ef928e94213fa_JaffaCakes118 | Triage

Sharing

General

Target

65229112523452900f6ef928e94213fa_JaffaCakes118
Size

286KB
MD5

65229112523452900f6ef928e94213fa
SHA1

b17aa0beeefdd474c316ac43eadace5b772c0345
SHA256

9a7d9d53ddd11ef469380f29c346b4bcde459eb348c833d9bc5ed183e5832aa6
SHA512

d33dc361c5d941102a6e40ef2ea38634b50523d4f4f8ac1652103a6ba27a24d40c043d1fac4a4265b397f1624b42286708735c1dbc3f6a998f5b1fe1a9f29d68
SSDEEP

6144:RdB4PD7aIQviRUUuxkRL5uEBhWl/jmPCTNfsyorFxaQiiq9tbLO2JZ:x/MLOl/i6RernaWqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65229112523452900f6ef928e94213fa_JaffaCakes118

Files

65229112523452900f6ef928e94213fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0667c19e8c05c6501694891821bc7e6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
FindFirstFileA
GetCurrentThread
GetLocaleInfoA
GetTickCount
GlobalAlloc
InitializeCriticalSection
IsBadCodePtr
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

GetForegroundWindow
GetParent
EnableWindow

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ