b973f234a1effe97e7c70a9851a02e7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b973f234a1effe97e7c70a9851a02e7d_JaffaCakes118
Size

46KB
MD5

b973f234a1effe97e7c70a9851a02e7d
SHA1

3d6b3860b5a02c6e0874dada5bc6015470b0331c
SHA256

29c98ec73d5df09c3f9319eac38f4f7f7c0f8bba0de74444473392b49a405f0d
SHA512

da543269cb9076b6e00344e3f92e043d84893e5b797e874add116709b481521b99a194ef3b3a95093fd91a290b391049b01cdca4fbf7d301d10b7b1145cd2ced
SSDEEP

768:CRVracoQzrYZmNozWLVO5cR9gdK3VBkX9eedAy+kiOxZg0OYHvcHpQsbBSa1GcPc:CDacoQzrYZ7zWUqRb7Y9d3+gZ8SA39Sx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b973f234a1effe97e7c70a9851a02e7d_JaffaCakes118

Files

b973f234a1effe97e7c70a9851a02e7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE