663ae274a010d702db520ddab5caecf8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

663ae274a010d702db520ddab5caecf8_JaffaCakes118
Size

165KB
MD5

663ae274a010d702db520ddab5caecf8
SHA1

8b7f722238026474adb9e18096717ff8377a0d6b
SHA256

24c00328d472e8078f60e5bb832f4fd689a59a2a5c619e5bb6d650b93a3c80c5
SHA512

5f5117f3fda10853742738d2337bcd90851e43179e95ebfc3bcc853b0a634dc9d9a3433872b382648582206b105f5d2ccabb50929b469367ec29f631aa348c39
SSDEEP

3072:3/mrF53aJf+UFeTjM4A2I07kLekjv+ji9MblJcckJtEA3UNcmM5hs1Umq8:mrjXA2IZLe/0bcqm861Um5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
663ae274a010d702db520ddab5caecf8_JaffaCakes118

Files

663ae274a010d702db520ddab5caecf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6ef45b1fd7984cb897cb3b414fa4946

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
PostMessageA
GetMenu
FindWindowExA
FindWindowA

kernel32

lstrcatA
WriteFile
Sleep
CloseHandle
CreateFileA
ExitProcess
GetLastError
GetTempPathA
LocalFree

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE