Static task: static1
Behavioral task: behavioral1
Sample: adb4d2acba5c6429406cc600db942cf1_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: adb4d2acba5c6429406cc600db942cf1_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: adb4d2acba5c6429406cc600db942cf1_JaffaCakes118
Size: 700KB
MD5: adb4d2acba5c6429406cc600db942cf1
SHA1: cb52527f764072ebf41cd99ca4a9057d2e7cc94a
SHA256: ce666df96f22746d0c0883d2d52d65a9266c6585041a18aad97223b056a89bc0
SHA512: 1fc1805ad1d16b71289904f4308411add548c5aaa10946d3f97b24cc1ac30815422db8215869fa3fbf84cee4e3dbaa0524bc1f77e429b3de58d915d92df3d951
SSDEEP: 12288:yQefoVCl4KzOeqSpva2dBNwndJnUr2BgEpKxng0zYKjDevN5s0Pe/nRtkLW:yQKokVqgacjwgrCgE4Vg0zYKL0Pe/YLW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource adb4d2acba5c6429406cc600db942cf1_JaffaCakes118
Files
adb4d2acba5c6429406cc600db942cf1_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7b1a57bd64a354db74cb7a06a522768
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
CreateEventA
lstrlenA
GetFileSize
GetModuleHandleA
GetVersionExA
Sleep
GetLastError
LocalFree
GlobalAlloc
LocalAlloc
GetStartupInfoA
GetCommandLineA
CloseHandle
user32
CreateWindowExA
DialogBoxParamA
TranslateMessage
EndPaint
SetFocus
SetWindowTextA
GetWindowRect
DispatchMessageA
GetMessageA
msvcrt
__getmainargs
__setusermatherr
toupper
memmove
_acmdln
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 679KB - Virtual size: 680KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 724KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ