6a0e12a7ac39cc83736ec135f82a69cb_JaffaCakes118 | Triage

Sharing

General

Target

6a0e12a7ac39cc83736ec135f82a69cb_JaffaCakes118
Size

7KB
MD5

6a0e12a7ac39cc83736ec135f82a69cb
SHA1

9b96ec84674ddeee6c267c3602e016a7e527f52a
SHA256

13c65ee32f18b5022a29059c287d9e40f7a4bcc3d4e74f251b3816fc0930c00c
SHA512

d47a9a173bcf05ec20fabbb0e20bb0f4ff9f7f66fdd7430cb34d8273149df8273ac0f977aea3563ac1e3d0d0df9790d034b1b2ad0b896dd298f262aebf9ad790
SSDEEP

96:t/UZsWH9njex7q4Iu5hTOnsNLVvsexJOkEX222hl5TDdpSZwPtboyn:+sk9w0Ch0sNLHJJ205TDtP1oyn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a0e12a7ac39cc83736ec135f82a69cb_JaffaCakes118

Files

6a0e12a7ac39cc83736ec135f82a69cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2620c2cd7c1077e6e8df2fd8766da17c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess
Sleep
MoveFileA
DeleteFileA
LoadLibraryA
GetTickCount
GetSystemDirectoryA
GetTempPathA
CloseHandle
CreateFileA
GetModuleFileNameA
GetCurrentDirectoryA
FreeResource
SizeofResource
LoadResource
FindResourceA
GetCurrentThreadId
CreateProcessA
GetStartupInfoA
GetVersionExA
WriteFile
GetSystemInfo

user32

OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
GetInputState
PostThreadMessageA
GetMessageA
wsprintfA
FindWindowA
PostMessageA
SetThreadDesktop

shell32

ShellExecuteA

msvcrt

_except_handler3
__set_app_type
_strrev
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_controlfp
_initterm
__getmainargs
memset
sprintf
strlen
strcpy
rename
_exit
_XcptFilter
exit
_acmdln

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ