73a5f7bde7b1ace6120a750903f05440_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73a5f7bde7b1ace6120a750903f05440_JaffaCakes118
Size

94KB
MD5

73a5f7bde7b1ace6120a750903f05440
SHA1

6c32dfde89b3f4e89fcd7c4bf9ce3643283b58b1
SHA256

3970d43a434d13a3f6fe5d0308db1924ce37dfd7ef8ae2a9e6288649aa6fa8b8
SHA512

90f47ce51c2609cde7e494d02c74d6b1bd33dc3a99985aac607c23b9f1d4793492f3ee63fdbc4e1345cd52e7a5bc518e408a4a039ef025b634f723d095d1112b
SSDEEP

1536:hpZxkdov3q8OyvDNy1zlTWo6H5RZxkdov3q8OyvDNy1zlTWo6Hv:deO3q8OyvDNy1ZjKeO3q8OyvDNy1Zje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a5f7bde7b1ace6120a750903f05440_JaffaCakes118

Files

73a5f7bde7b1ace6120a750903f05440_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d08b825f19a29ef14f2ae6ba6d83134d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
CreateFileA
TerminateProcess
ResumeThread
VirtualProtectEx
VirtualAllocEx
GetProcAddress
GetModuleHandleA
ExitProcess
GetFileSize
lstrcmpA
GetWindowsDirectoryA
ReadProcessMemory
GetCurrentProcess
GetModuleFileNameA
CreateThread
WaitForSingleObject
GetProcessHeap
HeapAlloc
GetTickCount
CloseHandle
HeapFree

user32

MessageBoxA
wsprintfA

advapi32

GetUserNameA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE