Static task
static1
Behavioral task
behavioral1
Sample
949d62a210a77593b3161234e12daef8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
949d62a210a77593b3161234e12daef8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 949d62a210a77593b3161234e12daef8_JaffaCakes118
Size: 91KB
MD5: 949d62a210a77593b3161234e12daef8
SHA1: 3de4163c8ad3d625ccfaeb8774f1ca67d9dfca31
SHA256: abcbcd491fedb9497f275ee916ef2448e321fb269098ff6aed6e0c0c85113402
SHA512: 08a6c3ea7c46a4858c1ce7d54444aa56c2f8a1986f983c338bee64f89b68b26dd033e7ad35000c98181c5bf5388aa65096f0543a0b95bf98675f6b9fd65f0b3c
SSDEEP: 1536:+zZuDwGfQQWaUqWSP78bcNtmICPFqU4iEf1UZVisRHVMsVcDM92uRppoxQ:+kP7yc3aPFar1UpMsVB/yx
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 949d62a210a77593b3161234e12daef8_JaffaCakes118
Files
949d62a210a77593b3161234e12daef8_JaffaCakes118.exe windows:4 windows x86 arch:x86
aa0674fafcc325f3489d1686cdfc57e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crtdll
memset
kernel32
GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetModuleFileNameA
HeapAlloc
HeapDestroy
HeapFree
SetCurrentDirectoryA
HeapReAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
user32
wsprintfA
wvsprintfA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
GetForegroundWindow
comctl32
InitCommonControls
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�z Size: 85KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE