b95e2992289b56f576bdbb01e45f1833_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b95e2992289b56f576bdbb01e45f1833_JaffaCakes118
Size

72KB
MD5

b95e2992289b56f576bdbb01e45f1833
SHA1

5bb54cb5036933beaf3c83b5487157bd13d9fd8c
SHA256

15c9884cf46b00d0da065d5f9b0c8b345d201eac67d609a3c6aa7fdf5d9fd16e
SHA512

7dfddb36e66fdf8914430015d2e93d213d5046607fb62c8cd90f52a03df052cbf4e15556cf92359ad6c8757656e4ad733a37fdd1e2971c855bd4a325d3512ab7
SSDEEP

768:uWut34bqvspgsUnbwodjWMggYlaNWhiC14FrhP3rMCAWV:etM4MojZCla8h/QMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95e2992289b56f576bdbb01e45f1833_JaffaCakes118

Files

b95e2992289b56f576bdbb01e45f1833_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14003c390aca4c0ea90ccff2fcabb18a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
GetCurrentProcess
GetEnvironmentVariableA
GetModuleFileNameA
CreateFileW
Process32First
CreateToolhelp32Snapshot
Sleep
WinExec
CreateThread
GetTempPathA
SetFilePointer
GetTempPathW
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetProcAddress
WriteFile
Process32Next
CloseHandle
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualAlloc
FlushFileBuffers

user32

SendMessageA
GetForegroundWindow
GetWindowTextA
FindWindowExA

Sections

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ