944edd65b7382832ffa9f922e262b391_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

944edd65b7382832ffa9f922e262b391_JaffaCakes118
Size

20KB
MD5

944edd65b7382832ffa9f922e262b391
SHA1

3a6dbdc43d79e4cf0aada56dae6387c9b2d87dd4
SHA256

8e5159845b29ca422659a3ca583ee12897d7b4fd5c93bdc2526131569a527f18
SHA512

7386f10b8bbf2c1299bfaf31bb7e5a0b6776ff96eb1ac0eca014bcc617ca9eda23c88364b4d1ad27fadacc9911169b956cae4e9ebbfa8c2cf65046022782f576
SSDEEP

192:/dnVPdUga65egXreblWbUq/z/pAWFmjhi5pfYeiavP1oynM:q0JXrwsjpAWFmjhi5pfYex312

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
944edd65b7382832ffa9f922e262b391_JaffaCakes118

Files

944edd65b7382832ffa9f922e262b391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

728562a832924a60d5876adcc0efaaf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
WinExec
GetSystemDirectoryA
Sleep
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
GetStartupInfoA

user32

PostMessageA
CreateWindowExA
ShowWindow
RegisterClassExA
GetMessageA
TranslateMessage
DefWindowProcA
DispatchMessageA

msvcrt

strchr
_controlfp
_except_handler3
__set_app_type
fclose
fwrite
fopen
sprintf
rand
__p__fmode
??2@YAPAXI@Z
atol
srand
time
??3@YAXPAX@Z
__CxxFrameHandler
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE