Static task: static1
Behavioral task: behavioral1
Sample: d5c8319034b9d06f8f910b7bb7f09c67_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: d5c8319034b9d06f8f910b7bb7f09c67_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d5c8319034b9d06f8f910b7bb7f09c67_JaffaCakes118
Size: 37KB
MD5: d5c8319034b9d06f8f910b7bb7f09c67
SHA1: 1cc0d25059bfb8fec1fb21f4acb1cf860190a413
SHA256: 494f946c7894060d544416418b09a5c3696445fc20683c684c322385d6e26ea7
SHA512: f7f2f8be33bb7beaeaea83a850b326a31ab7d2b44ab4837e424faf6b807ecdc7b5a6f9f2a55139fdae716a8d33f45f61277ecb5567d79d1b3d4c2d1b3ab120ff
SSDEEP: 768:YXesmTyTEOf1lhuaJjS/bIIE3LDFPqZ9gh9Z5GH6JonSa:Y9mOTEOf1lMaJjSTl0LhPqQVUH6JmSa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d5c8319034b9d06f8f910b7bb7f09c67_JaffaCakes118
Files
d5c8319034b9d06f8f910b7bb7f09c67_JaffaCakes118.exe windows:4 windows x86 arch:x86
2aaa8612aa4bcc10f7e39133956c9bd4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadCursorA
LoadIconA
LoadMenuA
MessageBoxA
LoadBitmapA
GetWindowThreadProcessId
ShowWindow
SendMessageA
SetMenu
GetSystemMetrics
TranslateMessage
UpdateWindow
GetSysColor
GetMessageA
FindWindowA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
PostQuitMessage
BeginPaint
RegisterClassExA
kernel32
WriteProcessMemory
OpenProcess
GetModuleHandleA
GetCommandLineA
ExitProcess
CloseHandle
trainer
UninstallHook
InstallHook
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 866B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 240B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE