896bb5d16a61917b621d055113f72421_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

896bb5d16a61917b621d055113f72421_JaffaCakes118
Size

131KB
MD5

896bb5d16a61917b621d055113f72421
SHA1

8fc4080dcfa4b2d1d35cc63816bf99129762d7ea
SHA256

fa3337bc7ee06a524d1ac8f3e4484f2ac31abc58ad17b6b8e4f0f197d176e179
SHA512

e069c1b262a0f5161525d8f4f4ef1224425dee79103f51caccc7d7e2bbdfa79e477b3120b52bba1a4ba286994a18f2b7cc77c69fc9c10b286619a05eb89afa9b
SSDEEP

1536:mT8fehPdVxH1F4m8aN5S9KE5PfJj3odK1PhjDIobzULOKd6ke8:VfkHom8aN5tC5odKbjDIYwaKdte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
896bb5d16a61917b621d055113f72421_JaffaCakes118

Files

896bb5d16a61917b621d055113f72421_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8afd0fda879c604b6eaaeba6dc64589

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
Sleep
ExitProcess

user32

GetDesktopWindow

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE