b28025cc8e4dbaa16b6d72c063544551_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b28025cc8e4dbaa16b6d72c063544551_JaffaCakes118
Size

2KB
MD5

b28025cc8e4dbaa16b6d72c063544551
SHA1

a075b4f80bd06a59caefb73ecf342bbabef87564
SHA256

beb6b82d3233591472d931512ac48163deaff780492f673e644be784e7c65638
SHA512

a2f300c9a94afdd6e8da752d7b8c78fda96b814f51e3e9006703e226ba3e60625696241815785d889c4b1346a11a855de29d1fedc056c7287505cb9d38f46b3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b28025cc8e4dbaa16b6d72c063544551_JaffaCakes118

Files

b28025cc8e4dbaa16b6d72c063544551_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cc81299da5f1eac96041de714c7f117

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
FindWindowA
wsprintfA

kernel32

GetProcAddress
lstrlenA
WriteProcessMemory
WaitForSingleObject
CloseHandle
CreateRemoteThread
ExitProcess
GetModuleHandleA
OpenProcess
VirtualAllocEx
VirtualFreeEx

Sections

.text
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ