Static task: static1
Behavioral task: behavioral1
Sample: 6599c43bde160fdb5e6850fc2da82996_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 6599c43bde160fdb5e6850fc2da82996_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6599c43bde160fdb5e6850fc2da82996_JaffaCakes118
Size: 41KB
MD5: 6599c43bde160fdb5e6850fc2da82996
SHA1: 542864c89ef37e9f23ff0bfd6d0b168638170625
SHA256: 655318b98343bf78f0ba0da620de6d5cf820bb76ee81e577b832a6abe1d25aa0
SHA512: f2b695f765aec1e6554319626b909f53e99be4358dd17e59799ed51c43379f4e6cf0571eeb24f51960854acf2cba3e53a89444eeca0bc910628471f66d96466a
SSDEEP: 768:8begIZ9brUCKyZrBdDsWTi8duQNObO3vTzcrNgDWCKbN:0egIZ9brlZLDsWvuqBMrCM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6599c43bde160fdb5e6850fc2da82996_JaffaCakes118
Files
6599c43bde160fdb5e6850fc2da82996_JaffaCakes118.exe windows:4 windows x86 arch:x86
8864d29c7b8f8d04a1c75d38fed0bb18
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WriteFile
CreateFileA
GetVersion
lstrcatA
lstrcpynA
lstrlenA
GetModuleFileNameA
GetSystemTime
GetTickCount
GetLastError
GetProcAddress
GetModuleHandleA
GetTempPathA
GetLocalTime
FindAtomA
LoadLibraryA
VirtualAlloc
GetTempFileNameA
lstrcpyA
CreateMutexA
ExitProcess
OpenMutexA
lstrcmpA
GetCommandLineA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetFocus
ClientToScreen
GetCaretPos
EqualRect
GetWindowRect
GetCursorPos
wsprintfA
InflateRect
IsWindowVisible
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE