822e48f7c6c31189984b6200bff60f3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

822e48f7c6c31189984b6200bff60f3c_JaffaCakes118
Size

42KB
MD5

822e48f7c6c31189984b6200bff60f3c
SHA1

214edd5d7e4053a4793361c3238212091d965a7a
SHA256

673ff001aee183a81eecb3cebb8c4a60b48e894045d0304ac976cd67685144d9
SHA512

7996451c628a4fb885da9c08f27662a4fb0977288e64455744d1b6d8467918ef085feb81b1a4adf532f1136225162449edbaaef640ad0f53c60cf38ba8449bb3
SSDEEP

768:tLynByw9mcOykxXgPIDm33zzXK6cQFK5JBZTJSv+TIOJ9pT4CFES:wnBr9cykNmICzMQFwvZTJSvAFX5ES

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
822e48f7c6c31189984b6200bff60f3c_JaffaCakes118

Files

822e48f7c6c31189984b6200bff60f3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd79b215aaec7d6845136d3e9a2252ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

ExitProcess
WaitForSingleObject
CreateThread
lstrcatA
lstrcmpA
GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
lstrlenA
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
IsDebuggerPresent
lstrcmpiA
HeapFree
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetProcessHeap
WriteProcessMemory

user32

GetWindowRect
DispatchMessageA
UpdateWindow
MessageBoxA
DestroyIcon
CreateMenu
GetSubMenu
EnableMenuItem

gdi32

SelectPalette
RealizePalette

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ