73f2700a8c725b6d3a2ac55683b33e95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73f2700a8c725b6d3a2ac55683b33e95_JaffaCakes118
Size

15KB
MD5

73f2700a8c725b6d3a2ac55683b33e95
SHA1

6c0f3b406ba3205cde5d18d6c65aee0cc8ab8e46
SHA256

d56860bbcd5eb91ea000fa538f4208bae3eabda4b24e58020496b4c4ca34c883
SHA512

24216e0f5e2af66a781c3c579524a6215d64339d69b5654d4607a588ef026dc0c6e9357d0f842be2f0748076ab2abc51ee5ae4d7f7e1d2478ab680de3604a731
SSDEEP

192:q0H0G6wUqG9dz548lF6TtgMF8y2K/9ZoQQC3IIIItvW46WAq5SRZ:qqxjUqG9der38y5/3oQQCA3ASR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73f2700a8c725b6d3a2ac55683b33e95_JaffaCakes118

Files

73f2700a8c725b6d3a2ac55683b33e95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96b2e968c8d942b1c476ffc19880a760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strlen
_strlwr
strcpy
strcat
strcmp

kernel32

HeapAlloc
GetCommandLineA
GetTempPathA
FindResourceA
LoadResource
LockResource
DeleteFileA
WaitForSingleObject
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
GetTickCount
GetProcessHeap

user32

LoadStringA
wsprintfA
GetForegroundWindow
MessageBoxA

shlwapi

StrToIntA

Sections

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ