d4483f3368ec0444a55fdfc2b09c2649_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4483f3368ec0444a55fdfc2b09c2649_JaffaCakes118
Size

76KB
MD5

d4483f3368ec0444a55fdfc2b09c2649
SHA1

dab280905ac2281c4b49a333e6ae1ee84153777b
SHA256

fc3add73e763ffe551f7db39a4ca27019dbead316c98bf34085aa9d93c0cf4a9
SHA512

4690b3f26ffa7c6142c95292cef54b62e24765db19dfa0ff3b367d13115b1c448e229edc8a44b6ecc1afdf6720f2c7b51059e6261a9fcb1681ef5e300e0ed35b
SSDEEP

1536:grBYEhQXlqe4fCy7bXU5MoEf+MljOu3yx4KE:grBYEw2fCrM5f+mOGyx4K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4483f3368ec0444a55fdfc2b09c2649_JaffaCakes118

Files

d4483f3368ec0444a55fdfc2b09c2649_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3edbaa9f8f0c584343ff638c16aa03c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetCurrentProcess
WaitForSingleObject
CreateProcessA
VirtualFree
CloseHandle
WriteFile
CreateFileA
VirtualAlloc
GetTickCount
GetSystemInfo
VirtualProtect
GetLocaleInfoA
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
LCMapStringA
VirtualQuery

user32

DialogBoxParamA
SetDlgItemTextA
GetSystemMetrics
SetWindowPos
MessageBoxA
GetDlgItemTextA
wsprintfA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ