b839f03e9697a9e95eaa34418abecde2_JaffaCakes118 | Triage

Sharing

General

Target

b839f03e9697a9e95eaa34418abecde2_JaffaCakes118
Size

20KB
MD5

b839f03e9697a9e95eaa34418abecde2
SHA1

9bb65402377b3ee834bc8888f760ec4afe2f0374
SHA256

0958ae114adf7572f185705ca665c800d9619f34949869327a469908bbaf037b
SHA512

e2581f8f1ad7f580a6147b07f72720239cdd7b1c71ffb93894e9660c8f83585bde409d64f542d29b170864a3375156691cb22028d21a6abf8f06e80479a4cc69
SSDEEP

384:AFTp1VIjGOMM+JNoszl7j2K+cc4ySZnKtwOl0szto:At3VIjGOM1oQzc4ymKt5l0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b839f03e9697a9e95eaa34418abecde2_JaffaCakes118

Files

b839f03e9697a9e95eaa34418abecde2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc27ec913dd1fed4392562044f182075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
SetEvent
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
SetFileAttributesA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
CreateFileA

user32

EndPaint
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
wsprintfA
IsWindow
CloseWindow

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ