76597be7dba61260fb9f81f32e88da10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76597be7dba61260fb9f81f32e88da10_JaffaCakes118
Size

8KB
MD5

76597be7dba61260fb9f81f32e88da10
SHA1

f1c97ef9a517863fbb080c708f7b046c375f8553
SHA256

2d55689e77e564cf2352ab78ff68abb74714b642eb5c666c353c678990b2cd17
SHA512

154bd97a1218a8bd4b706c79382bb58de49095492b67b9228213abf87f5a3da99ad64208687745da26df24a89cac5268ab072eb50a77c885d6c653c050215765
SSDEEP

192:nbHEwvd9QALytFozXckc5Eke9tJ2BANC:bkwvdGEytFmcb5Eke9tJ0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76597be7dba61260fb9f81f32e88da10_JaffaCakes118

Files

76597be7dba61260fb9f81f32e88da10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83d827298e100e40d0abb9e65814341c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
GetLastError
CreateFileA
GetStdHandle
ExitProcess
WriteFile
SetLastError
ReadFile
CloseHandle
HeapCreate
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
HeapDestroy

user32

MessageBoxExA
DispatchMessageA
TranslateMessage
GetMessageA
PostQuitMessage
SendMessageA
FindWindowA

Sections

CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 592B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stubs
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ