Static task: static1
Behavioral task: behavioral1
Sample: a3608b379cdaeb991c11a6c19b48f5b5_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a3608b379cdaeb991c11a6c19b48f5b5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a3608b379cdaeb991c11a6c19b48f5b5_JaffaCakes118
Size: 6KB
MD5: a3608b379cdaeb991c11a6c19b48f5b5
SHA1: 708c016dba2beaffc127b67698dada6922297af7
SHA256: b88a9c9b8358068b050be0c002ae685fb871e7cc438884a4a900b65988b9aef4
SHA512: 5ab139edfc444124d0d0116dedd7d364952cd95d8d5b939963429e5ae55f748f3d8c636c19713509fad162ab670ff313556898a4f4f39ab15a456bcc49716313
SSDEEP: 96:Wd7f2XIMAm8EPGCpat6lkcraPEFlKyTTJ4vihGtNR:Wd7f2tx8olkgN/J4vyw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a3608b379cdaeb991c11a6c19b48f5b5_JaffaCakes118
Files
a3608b379cdaeb991c11a6c19b48f5b5_JaffaCakes118.exe windows:4 windows x86 arch:x86
365a947e3dc432431f51c8f3ed9a37f7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memset
strlen
kernel32
GetModuleHandleA
HeapCreate
GetCurrentThreadId
HeapDestroy
ExitProcess
GetModuleFileNameA
GetSystemDirectoryA
DeleteFileA
HeapAlloc
HeapReAlloc
HeapFree
user32
GetInputState
PostThreadMessageA
GetMessageA
Sections
.code Size: 1024B - Virtual size: 676B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 660B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ