86f0baf504735f8dae7e20f94186e514_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86f0baf504735f8dae7e20f94186e514_JaffaCakes118
Size

38KB
MD5

86f0baf504735f8dae7e20f94186e514
SHA1

67a822de6e526201320754c67aaa398d269dcde5
SHA256

5eb7daeb1bd4f3c147fffe5b05a282e72e4d09e974d69fd28a14a6c0cc263581
SHA512

5938b32b6c7376716aa4b2135fd7239785d074a10655537271c4f0044b31c0585e8db662119960d95c2278995470ba06ecfcc47daa9fe697e2c65d2abccfd536
SSDEEP

768:3s9xOPZlxXg1hBU/W18HSVldIMOFFCSKxW+7XD/PIItLR6Hrvx:3s9xAQU/W18HSVlttWObPIuoHrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86f0baf504735f8dae7e20f94186e514_JaffaCakes118

Files

86f0baf504735f8dae7e20f94186e514_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b636cdfc465144a727cd0c264b703478

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetTickCount
GetTimeFormatA
GetWindowsDirectoryA
MoveFileA

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MessageBoxA
PeekMessageA
PostQuitMessage
RegisterClassA
SetCursor
TabbedTextOutA
TranslateMessage
WaitMessage

Sections

.text
Size: 1024B - Virtual size: 767B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE