843af912fff6ee44d7aaf4e9f625f509_JaffaCakes118 | Triage

Sharing

General

Target

843af912fff6ee44d7aaf4e9f625f509_JaffaCakes118
Size

225KB
MD5

843af912fff6ee44d7aaf4e9f625f509
SHA1

7721563ba449f133f2592927d16c5a65da27ed19
SHA256

c22c15b1fa25f120fe98f22241b86daf93addea99e92bdbb2945744b1f584d81
SHA512

e1e4061e5ca54e60c9a4360f3c26aede755c0ed67e6bda998949b4eda894d14411cf65b5a2a08a0a607ce07f3df48639145ad37e3ad2c34de4636aa8efed3c65
SSDEEP

6144:yNxJdew0qZfYp+cWZaKJ9VaJtPjtixbwSpMel:wJww0UfYpvi/TAPJixUSpM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
843af912fff6ee44d7aaf4e9f625f509_JaffaCakes118

Files

843af912fff6ee44d7aaf4e9f625f509_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a46eb5d8a26df66b7e5340e682f8a377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
PostMessageA
GetMenu
FindWindowExA
FindWindowA

kernel32

lstrcatA
WriteFile
Sleep
CloseHandle
CreateFileA
ExitProcess
GetTempPathA
LocalFree

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 222KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE