b399b577e6808b319dc8373a8ac9fc45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b399b577e6808b319dc8373a8ac9fc45_JaffaCakes118
Size

290KB
MD5

b399b577e6808b319dc8373a8ac9fc45
SHA1

85a3eb5c3fd4ef483ec12d530a84c2cffcddb68b
SHA256

14d8517db169345830f6fd2b9c0f173b6f257ad7b9c15987629b756abb0f127f
SHA512

8454695fb0bb6b8c9ece9ffdb76dc9c5b6b490b8c3c319a6e2e268302188d541687a05e17c9133caea7a5e05fb51d0401f2745665bff1ddcd1094af35c974d39
SSDEEP

6144:6ng5s5siA9qFxX1FD7L3AWWZxE6gyVnROQwajs:6gj8L3AWAgsRJwz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b399b577e6808b319dc8373a8ac9fc45_JaffaCakes118

Files

b399b577e6808b319dc8373a8ac9fc45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a80965e6070f3d3e71cffe3034cde478

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteFileA
EnterCriticalSection
ExitThread
FindClose
FindFirstFileA
FreeLibrary
GetCurrentThreadId
GetFileSize
GetLocalTime
GetThreadLocale
GetTickCount
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MoveFileW
SetEvent
Sleep
TerminateThread
UnmapViewOfFile
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrlenA

user32

CharNextA
CreatePopupMenu
DrawEdge
EndPaint
EnumWindows
FindWindowA
GetSystemMetrics
GetWindowLongW
LoadCursorW
MessageBoxA
ModifyMenuW
OffsetRect
PostMessageW
ScreenToClient
SendMessageW
SendNotifyMessageW
SetFocus
SetForegroundWindow
SetMenuItemInfoW
UnregisterClassW
UpdateWindow

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ