ad977b3aacddfff80679dd99e12349dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad977b3aacddfff80679dd99e12349dd_JaffaCakes118
Size

84KB
MD5

ad977b3aacddfff80679dd99e12349dd
SHA1

21d4a1a657b971be2bcdee32e1d6cf973bcb6587
SHA256

b6c01021dab47b339845a930f8e678401c90ae6116af82beb766a33dd8cff3aa
SHA512

48b0ff131a6742507c555db7e8be7ca289b7bdbe8979c85bb160ede1c56a4cdf38f21a063b6007ce2a5b8e5cd41c93f4303cb8623e53d84ccefde596b9787a4f
SSDEEP

768:5hYotHhsIM15hQoD1DnTf8AacV4+/G8tfG5+t9mETtiFxyKLOcRNGFO3Skaws:5ygh8f394AioSHETtgxrLvRNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad977b3aacddfff80679dd99e12349dd_JaffaCakes118

Files

ad977b3aacddfff80679dd99e12349dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caa0781a099781edf5e644cb036adec3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
ReadFileEx
LeaveCriticalSection
SetEvent
GetLastError
CreateEventA
GetStartupInfoA
PulseEvent
OpenEventA

user32

CharLowerA
MessageBoxA
MsgWaitForMultipleObjectsEx

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ