8b54f1fae8aaaf3048eb0b5741f5e337_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b54f1fae8aaaf3048eb0b5741f5e337_JaffaCakes118
Size

2KB
MD5

8b54f1fae8aaaf3048eb0b5741f5e337
SHA1

e0f68df2fb5badda180f7a9aeb47b33ad62837eb
SHA256

ad37713c62aa1de030ba124c2f3b3e571b15700b9884523c99c940634c7bd706
SHA512

2f42116d3dba0d599a4f91d362abc8fd1fe6906520d5f38a91d2cefef14eaf146b77b27816599abb8aace831ccfa3e4f6dcaca22889779572b450bab97382329

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/deeper95_l.exe

Files

8b54f1fae8aaaf3048eb0b5741f5e337_JaffaCakes118
.zip
deeper95_l.exe
.exe windows:1 windows x86 arch:x86

349111d37d5318be6b51c523f9a20650

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
CreateProcessW
CreateRemoteThread
CreateToolhelp32Snapshot
FormatMessageW
GetCommandLineW
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetModuleHandleA
LocalFree
OpenThread
ResumeThread
Sleep
TerminateProcess
Thread32First
Thread32Next
VirtualAllocEx
VirtualProtect
WaitForSingleObject
WriteProcessMemory

user32

MessageBoxW
WaitForInputIdle

comctl32

InitCommonControls

Sections

Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
deeper95_l_readme.txt