a84ec34aca9f1a528f6e988d62fd2254_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a84ec34aca9f1a528f6e988d62fd2254_JaffaCakes118
Size

2KB
MD5

a84ec34aca9f1a528f6e988d62fd2254
SHA1

e98111c9fcdd8bbd846f843ab3e009a39243dce1
SHA256

b8ed325c3ef276e67762eb256d4686f5940a8023e0026684cc51406e3947f09b
SHA512

076f822a08f4abdafffcf3e8fdcad832d42cf2c7d5c7aff22fc66ecced5817bc76594c30b8906a6cd93dd1b7b257bf9e16ba1acbd9da7bb6a6b4c3c18aaac040

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a84ec34aca9f1a528f6e988d62fd2254_JaffaCakes118

Files

a84ec34aca9f1a528f6e988d62fd2254_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80629251f15a3ac043316c2b9cbab162

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
FindWindowA

kernel32

WriteProcessMemory
WaitForSingleObject
VirtualFreeEx
VirtualAllocEx
CloseHandle
CreateRemoteThread
ExitProcess
GetProcAddress
LoadLibraryA
OpenProcess

Sections

.text
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE