67182386716d0c69bc132a6420787d66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67182386716d0c69bc132a6420787d66_JaffaCakes118
Size

77KB
MD5

67182386716d0c69bc132a6420787d66
SHA1

1cb34a385b0916a6ffed73bc82a814a6dc59e79a
SHA256

a5b70e0a3b792663ace8ba84f4a504d3dde686a6f171fa2d0eeb7f987c370e3f
SHA512

87557feef52485118498acc86fba0c67db9c6d1872a7b5a6b305636ee663986c3a099665172fd7eaf285e0bf0b50aa72c2a427ca9bb0948dbcd9a2c8673b3609
SSDEEP

1536:Fb2wAC3VS9DanycPgfT72o53/KCY3L3RiAfLiZaK+Q:NfACV8DMdPgf93/VefLib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67182386716d0c69bc132a6420787d66_JaffaCakes118

Files

67182386716d0c69bc132a6420787d66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52729be37b36dcf908037768e6e3acdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
PostMessageA
GetMenu
FindWindowExA
FindWindowA

kernel32

lstrcatA
WriteFile
Sleep
CloseHandle
CreateFileA
ExitProcess
GetTempPathA

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ