d4c31b7e5a6b32f5c8b0f2242bb84f30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4c31b7e5a6b32f5c8b0f2242bb84f30_JaffaCakes118
Size

116KB
MD5

d4c31b7e5a6b32f5c8b0f2242bb84f30
SHA1

ae093d06c53827ceeaba2ac816736fdefc848c9d
SHA256

54d2324ccba1e0ad3b43ce4c4edcfeb0127e7a7f6591965cb92892f81272cbed
SHA512

375bc08d6d3430db06df5005f17c2d5f0593359dcf26e3825d39cc7723030b6cb854061a6b521813a3d515865aadd50a2414240ef0e087a2b74b3e0a229d9f4c
SSDEEP

3072:e6nSZ2klGSPxywB3HFgCOmEjrbNQYtc5cp1AZL/258:e6nSskZJNFgCOmEj1QpqpWA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4c31b7e5a6b32f5c8b0f2242bb84f30_JaffaCakes118

Files

d4c31b7e5a6b32f5c8b0f2242bb84f30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

553f5d6908413d2e2198df49f2718d68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
ReadFile
WriteFile
CloseHandle
CreateFileA
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
lstrcatA
lstrcpyA
LocalFree
LocalAlloc
DeleteFileA
lstrlenA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
IsBadReadPtr
SetFileTime
GetFileTime
GetCurrentThreadId
GetCurrentProcessId
ExitProcess
GetTempPathA
Sleep

user32

wsprintfA
MessageBoxA

msvcrt

memcpy
memset

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ