657cc816f4b6f2efccb5bef111e66b6a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

657cc816f4b6f2efccb5bef111e66b6a_JaffaCakes118
Size

47KB
MD5

657cc816f4b6f2efccb5bef111e66b6a
SHA1

5d75a67c84219bbcb585105a157ce9ffb853cd2d
SHA256

63f18ec026de2d9ae6eebe84be823ba0cc33cd65eb5fb9d2100b6e749a88d617
SHA512

69f941ef6b15607ad1e896ab7fe43e57195c16f4faf9bb66814bd9c2f9b25e9e620eb6fe2d6ce8240d61a8e573d50d420898dfe9400173fc54c59a4b9cca41ab
SSDEEP

768:s6pLWjqaj80wUOiFQ1oZeDoNfwT6wgzmyPXNKDcxTyOymPUlk6LfmUYgf25/SVBo:s6pLWjqaj80wUOiFQ1oZeDoNfIwqydxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
657cc816f4b6f2efccb5bef111e66b6a_JaffaCakes118

Files

657cc816f4b6f2efccb5bef111e66b6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50ed06675539916997af267a66167c2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
GetVersion
GetCommandLineA
GetTempPathA
GetSystemTime
lstrcpyA
CreateProcessA
lstrcatA
ExitProcess
CreateFileA
GetLastError
GetProcAddress
lstrcmpA
lstrlenA
GetTempFileNameA
GetLocalTime
LoadLibraryA
lstrcpynA
OpenMutexA
FindAtomA
GetModuleFileNameA
GetModuleHandleA
GetTickCount
CreateMutexA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetVersionExA
RtlUnwind

user32

SetDlgItemTextA
wsprintfA
DialogBoxParamA
SetWindowTextA
LoadIconA
GetFocus
IsWindowVisible
EqualRect
GetCaretPos
InflateRect
MessageBoxA
ClientToScreen
SetClassLongA
EndDialog
GetDesktopWindow
GetWindowRect
GetCursorPos

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ