710dfc93deae38e1f5f275e725fae623_JaffaCakes118 | Triage

Sharing

General

Target

710dfc93deae38e1f5f275e725fae623_JaffaCakes118
Size

8KB
MD5

710dfc93deae38e1f5f275e725fae623
SHA1

313fdb20592b05849d425132cf4985f325e86514
SHA256

14c54233c91f2bfd109358e6f72cc8a8c6d8df3e3294ebad7afd581b4ffd80fe
SHA512

f56dc002bab5599351590382d71d6cf1e8c613b84594350744b3dd9146b06dec9e52935011335ee43a48d8b4f3ea1ea1eeec8d8e9ed5dd5214b1d20d26db7049
SSDEEP

192:LIvhz9kQU/hTyec0UmgGjG9iYx0pnhpD7N/z4:t3c0dgG69n+trd4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
710dfc93deae38e1f5f275e725fae623_JaffaCakes118

Files

710dfc93deae38e1f5f275e725fae623_JaffaCakes118
.exe .wsf windows:4 windows x86 arch:x86 polyglot

b38c4706edbe23ba00098a1e4a35f6ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
CloseHandle
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
WriteFile
ReadFile
CreateFileA
lstrlenA
GetTempFileNameA
GetTempPathA
lstrcmpA
GetProcAddress
GetConsoleTitleA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

SetForegroundWindow
GetWindowThreadProcessId
DispatchMessageA
TranslateMessage
PeekMessageA
MessageBoxA
EnumWindows

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ