Static task: static1
Behavioral task: behavioral1
Sample: b30032f2a084dc7f937555539f5e649b_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b30032f2a084dc7f937555539f5e649b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b30032f2a084dc7f937555539f5e649b_JaffaCakes118
Size: 46KB
MD5: b30032f2a084dc7f937555539f5e649b
SHA1: 1ba4b467a69e3e0c6772ae4b6d499f17e5e46fc2
SHA256: 0e99e84e22e352b6f8e8c8272ed6f41d99ede6cf3f56c62a41d351a2dbf9748b
SHA512: c45a6f8281faeb7af40021e107973be3bf9eeae16c13fcd1a45bb37c49c3eb471e7ea5654594649217d12e4421e3d234bdebad26d96c46381d1ea25054a944ea
SSDEEP: 768:mU2dAxuU2vNh/558m783K3yZVNHsGkAnqDIWj2WUr8ji80q:mU2Sxu9B5WmQ6sgP3+8f
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b30032f2a084dc7f937555539f5e649b_JaffaCakes118
Files
b30032f2a084dc7f937555539f5e649b_JaffaCakes118.exe windows:4 windows x86 arch:x86
233d43c85d3e6d8c909589d1c7274413
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetCursor
LoadImageA
GetMessageA
DrawTextA
kernel32
SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep
ole32
CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess
Sections
.text Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
code Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE