Static task: static1
Behavioral task: behavioral1
Sample: 667c9d01551defd89ec34345e8fc4321_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 667c9d01551defd89ec34345e8fc4321_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 667c9d01551defd89ec34345e8fc4321_JaffaCakes118
Size: 8KB
MD5: 667c9d01551defd89ec34345e8fc4321
SHA1: 2c7eca6fae065bea623bcf646ff0d526ae89ea74
SHA256: df300a4c0962655d2d780a72cbc25a011665890c6e9c98dd827eb9082227f0bd
SHA512: a57191f99d7ae60b0376067dd26f8381d4aa696d275a8f501de3dcdca62e5f8267aa9a5e9ed654bb0b3c89f02b7f89da3bc09e5dbeaa4a52d5b0232a5da6e789
SSDEEP: 192:gnsjmZGqjAk8/ZVxuI1aOziSzyy0a8Pxf5WMtF3c/K:IGTNlyyp8ZRWMtF3ci
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 667c9d01551defd89ec34345e8fc4321_JaffaCakes118
Files
667c9d01551defd89ec34345e8fc4321_JaffaCakes118.exe windows:4 windows x86 arch:x86
b406f015fe5384f0c5cda906d7ee4ed9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetSystemDirectoryA
lstrlenA
GetModuleFileNameA
MoveFileA
ReleaseMutex
GetLastError
CreateMutexA
GetCommandLineA
GetCurrentThreadId
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
ExitProcess
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
user32
LoadIconA
GetInputState
PostThreadMessageA
GetMessageA
advapi32
OpenSCManagerA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 768B - Virtual size: 766B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 496B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ