Static task: static1
Behavioral task: behavioral1
Sample: 623825eb61242e62275a47a3e13c956c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 623825eb61242e62275a47a3e13c956c_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 623825eb61242e62275a47a3e13c956c_JaffaCakes118
Size: 6KB
MD5: 623825eb61242e62275a47a3e13c956c
SHA1: cf335275aaf18ea98796be48debeca0032326f1b
SHA256: 6f4c54774a65718ad805bc8f32d38ee0f6eb605849f6b2825594a243f87fd67f
SHA512: 92e11c4911710794ef66762bd952620ca6a8e238f6f1571b0f782fe74296c07cb166e0fe9c58824a7a0f7a7271ebd0a1dfabae815eb2270ef7ee640cb98b3039
SSDEEP: 192:VLr/z6HIfsIRhfBseUF3CHOSDTVBJU7W:1rSIzRZ+FSuMBLU7W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 623825eb61242e62275a47a3e13c956c_JaffaCakes118
Files
623825eb61242e62275a47a3e13c956c_JaffaCakes118.exe windows:4 windows x86 arch:x86
c45dec77b657cc2d137a2fda72ff810e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
CloseHandle
FindFirstFileA
CreateProcessA
lstrcatA
GetStartupInfoA
FreeLibrary
LoadLibraryA
CreateDirectoryA
Sleep
CreateFileA
GetACP
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetTempFileNameA
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
lstrcpynA
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpiA
ExitProcess
user32
GetCapture
wsprintfA
GetActiveWindow
gdi32
CreateCompatibleBitmap
GetBrushOrgEx
CreateCompatibleDC
GetBkMode
GetBkColor
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 93B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE