bb41b3485a383f6e2dcc75c0edec8cd4_JaffaCakes118 | Triage

Sharing

General

Target

bb41b3485a383f6e2dcc75c0edec8cd4_JaffaCakes118
Size

8KB
MD5

bb41b3485a383f6e2dcc75c0edec8cd4
SHA1

336371233b495eb107634962f2f8a2d9a596f13f
SHA256

a362b707e4d5e0d49a6274ee36a8d95fed7fe5aebd09c12926ee00ea8afd9db5
SHA512

d441d7df2dc791061a179a7d55a98486cf0d6446a2b693f5d7e914f3e610fdef0ad44d91f5f9cf88d3dc3d1bba0765a8aeebf298a8dd8aa4d7a2af04738ed6f1
SSDEEP

192:ItBxQ6F1DoC3YYzwEextxJz2XlS6I/INE2L4Wp:IDhVxIYzzeyVzgINEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb41b3485a383f6e2dcc75c0edec8cd4_JaffaCakes118

Files

bb41b3485a383f6e2dcc75c0edec8cd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df08d8c7814430942fc15c6cfc7ae01c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrlenA
SleepEx
GetTickCount
GetCommandLineA
Sleep
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
GetStartupInfoA
QueueUserAPC
IsDebuggerPresent
GetVersionExA
CloseHandle
CreateThread
lstrcpyA

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE