660b6301d7d1cc2f7d8fb0d183d26dc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

660b6301d7d1cc2f7d8fb0d183d26dc5_JaffaCakes118
Size

324KB
MD5

660b6301d7d1cc2f7d8fb0d183d26dc5
SHA1

350a6cc626bb96503c97991d61b6463ed74d218d
SHA256

b529e6d3eb2d32000e938c573938445325d4f3f4ffaea3c9cc2ee815adc2b940
SHA512

cfbc0c0a59be09a36182a4c7d3ffec90b6baccb1e7f21bd90c156c8e718573eaaf38f57e2b44565ce67b1969cf96546bbc764a610810ea98f2aaae1c62771885
SSDEEP

6144:MptHLzpCaYnOnkPq1qQRlETbJoRiZJOVC+UoUIu6IzzRqrs8gss6YYsh:GHLzpCfni1q/JS8qC+UoUIHIJqTgDmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
660b6301d7d1cc2f7d8fb0d183d26dc5_JaffaCakes118

Files

660b6301d7d1cc2f7d8fb0d183d26dc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b4f8be127c34782316ca56a5e6cb01d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

ole32

CoUninitialize
CoInitializeEx

shell32

ShellExecuteExW
ShellExecuteW

user32

MessageBoxW
wsprintfW

kernel32

GetExitCodeProcess
GetTempPathW
LockResource
WaitForSingleObject
GetCommandLineW
GetStartupInfoW
ExitProcess
lstrcpyW
SetEnvironmentVariableW
LoadLibraryA
CreateFileW
SizeofResource
FindResourceW
FreeLibrary
LoadResource
GetModuleHandleW
GetLastError
GetProcAddress
VerSetConditionMask
CloseHandle
WriteFile
DeleteFileW
GetModuleFileNameW

Sections

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ