8730f7ed8bd46e4e5524f19099afe990_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8730f7ed8bd46e4e5524f19099afe990_JaffaCakes118
Size

20KB
MD5

8730f7ed8bd46e4e5524f19099afe990
SHA1

d948648969ad345370c7e748cc6ae5e240919d9d
SHA256

ee662fb249824d0d106e4d810ed1a2122a23062f7b9527e6e376686cd3e2984e
SHA512

e83d130d48897efbbcf60368df48f0cc2143d9dc39b516f2ac7c8f8e38d7033bf8faab489cf2789d5f9fc166dd35821c76850f727e7a3e9db525657b8b699c1d
SSDEEP

384:tlH0pZ4H2OMPV14Mrd/7+SJKKwc4yLDeKtAOl0szto:tZqZ4H2OMP0oac4yLDrtpl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8730f7ed8bd46e4e5524f19099afe990_JaffaCakes118

Files

8730f7ed8bd46e4e5524f19099afe990_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f05726039a568f5357d87af82b427a59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetProcessHeap
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
SetFileAttributesA
RtlUnwind
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
ExitProcess
CreateFileA

user32

DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
EndPaint
GetTopWindow
wsprintfA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ