a7683a4d91d2f3e3638f87d6a56d6d53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7683a4d91d2f3e3638f87d6a56d6d53_JaffaCakes118
Size

15KB
MD5

a7683a4d91d2f3e3638f87d6a56d6d53
SHA1

bc92c29dfa168392e654ad4b0f0be82fb6f02766
SHA256

6fb2f7fa0d7ed8d0b5fd77aa12ec1a425ce99d275fee7fbdd4908564680f195e
SHA512

a7f48d48d5859f91ef6d7324eb4e0d24f28ef841eb1d8ce9647abf03b64d32407438e6dfb105c7ed78783107b18c163394d4ac77d53da98ab63bd8877abbbaa5
SSDEEP

192:ZPdROxJrwJnVrSDN/0YbUqxnwCk/yQ3DXBvMePRlMsBTUcGrCCzeviKStWzEcs6X:ZPdAgaDWqxnNeL3DTJCsBYc3G6jT71

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7683a4d91d2f3e3638f87d6a56d6d53_JaffaCakes118

Files

a7683a4d91d2f3e3638f87d6a56d6d53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96f5b2d72ef0bab1efec5cf3762a0ae1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetTickCount
Sleep
GetModuleHandleA
GetStartupInfoA

user32

MessageBoxW
wsprintfW
FindWindowW
ShowWindow
FindWindowExW
SendMessageW
PostMessageW

shell32

ShellExecuteW

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
rename
wcscat
wcslen
wcscpy
__p__commode
??2@YAPAXI@Z
_exit
memset
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

Sections

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE