ac1894c4dab7e7304d3d4ed9a0dba196_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac1894c4dab7e7304d3d4ed9a0dba196_JaffaCakes118
Size

176KB
MD5

ac1894c4dab7e7304d3d4ed9a0dba196
SHA1

9136ea1a35b30a8e5aabf83634adaf57376bf167
SHA256

e3ef57823ff022aa05ede9a8482d8aea23b4f77d5f023d472b7d795ddddda539
SHA512

338e5287c9823b98cbc661b599d9bb7cb35f99319f972f870db0e42c9fdbbc03bbc00d198c2dbd6e438a7487a336ad5447c814789522de132b93cfc972c54c5f
SSDEEP

3072:u8/quhmuy3lv8YJhKGZ+87r0PW0O5TCGuieSAgKx9r8T9y4PJNBbKEnTa9+/Zh:5g/zsBP1ihKQpnJr2Sa9+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac1894c4dab7e7304d3d4ed9a0dba196_JaffaCakes118

Files

ac1894c4dab7e7304d3d4ed9a0dba196_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71537456c73c5099c4b405352642aa7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
ExitProcess
LoadLibraryA
Sleep

user32

CreateWindowExA
DefWindowProcA
BeginPaint
TranslateMessage
PeekMessageA
ShowWindow
DestroyWindow
RegisterClassA
LoadCursorA
LoadIconA
PostQuitMessage
DispatchMessageA

gdi32

GetStockObject

Exports

Exports

Arg1
Arg10
Arg2
Arg3
Arg4
Arg5
Arg6
Arg7
Arg8
Arg9
CallDLL
Finished
Firstbp
Patcharea
Prepatch
WndProc

Sections

.text
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 891B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LinkArea
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ