89cdbb5977039d6d21ef2d0c888a1ee1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89cdbb5977039d6d21ef2d0c888a1ee1_JaffaCakes118
Size

19KB
MD5

89cdbb5977039d6d21ef2d0c888a1ee1
SHA1

c7c7cc876e02e19bf50d2a8b3906f7592f54e8d8
SHA256

f3fe35859991eb2b933e1c6747de5da66c5ad4667378033d5978482d2b61d9d2
SHA512

10d02b629a9b815339d09826cd74c8261ebe35b5c568c6087b8331d80a86c1ac3f3b510c88130ec8976d3a0cc8966af7a1acf8f571b2b722b47ac687279b746f
SSDEEP

192:TnGkBWrwiShIISE4G3AItEHpVFklYZr25IzNFic1HRRqB:TnGkmISE4KEHpVFb2w2cpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89cdbb5977039d6d21ef2d0c888a1ee1_JaffaCakes118

Files

89cdbb5977039d6d21ef2d0c888a1ee1_JaffaCakes118
.exe windows:1 windows x86 arch:x86

50bb486971c34252e9e1ee7362460f63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetErrorMode
GetModuleFileNameA
GetFullPathNameA
CreateFileA
WriteFile
CloseHandle
CreateProcessA
WritePrivateProfileStringA
ExitProcess

user32

wvsprintfA
MessageBoxA

shell32

SHGetFolderPathA

Sections

data
Size: 14KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 1024B - Virtual size: 523B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 437B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ