7873f4b5c7416fa6ca6a192c7a690e18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7873f4b5c7416fa6ca6a192c7a690e18_JaffaCakes118
Size

130KB
MD5

7873f4b5c7416fa6ca6a192c7a690e18
SHA1

f0232a1f883b42fe5c4ef427b5698461d526bd0d
SHA256

9d3e80c82fb42a03b03b01c3f915e382081d352bf4d136a4faa7160fb96602d2
SHA512

d39459690c1af22e416df24c856081f3d791f4f596212daf2ca6a13db76cfda6d8421d7cd128716e0d20085a5a8af2757be96bd6a68000a9828cf39acb36f488
SSDEEP

3072:4CCJ0xZI++YJzYd9dIWWesm25Oh7U+iOrjeH96gB:rCJ0rI4KrMtm25CZiOHeZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7873f4b5c7416fa6ca6a192c7a690e18_JaffaCakes118

Files

7873f4b5c7416fa6ca6a192c7a690e18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a04c76aad35b342f834e63a13b5d0bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetCommandLineA
VirtualProtect
CancelIo
GetModuleHandleA
LocalFree
FreeConsole
TlsGetValue
GetStdHandle
GetLastError
CloseHandle
IsBadReadPtr
GetConsoleTitleA
Heap32First
IsBadStringPtrA
ResetEvent
EnumResourceTypesW
GetDiskFreeSpaceExA
lstrlenA
SetLastError

user32

DispatchMessageA
CreateMenu
EnableWindow
IsIconic
CreateWindowExA
GetScrollBarInfo
GetKeyState
CopyImage
CloseWindow
GetUpdateRect
DialogBoxParamA
DragDetect
GetMessageA
MessageBoxA

hlink

HlinkOnNavigate
HlinkCreateFromString
HlinkResolveShortcut
HlinkClone
HlinkCreateFromData

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ