db62f7ff6bd76878710dcff27a184a6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db62f7ff6bd76878710dcff27a184a6b_JaffaCakes118
Size

34KB
MD5

db62f7ff6bd76878710dcff27a184a6b
SHA1

5e9a4a2ba8fa9870de06eac36c385bc93d0ac82f
SHA256

7c74cf03ffa99f1ff013df8d5e25775935651e10ec489cbc9084da5a79886b1f
SHA512

f1ba1127469664b23cfc66e830952155ccd2c88ab5d3d34a2e832c10a08bdc76ef2cc07d7a49966d61269dd07a779cd1330a4783df0a79a418ecf2cfd779e04f
SSDEEP

384:p+TRXXuAXPUuswTZRi9DzPjHSg0eiZJaef7dzkBE5UofD0xX3LotlNZHxCrz:oTtswTXinjeeiXai7d4u5/fD0VLyNi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db62f7ff6bd76878710dcff27a184a6b_JaffaCakes118

Files

db62f7ff6bd76878710dcff27a184a6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d412cc7326d0752bfaad98c5afcd6a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
CreateFileA
CreateSemaphoreA
VirtualProtect
GetCurrentProcess
VirtualAlloc
VirtualFree
LocalFree
LockResource
LocalAlloc
LoadResource
FindResourceA
VirtualAllocEx
CreateEventA
SetEvent
ExitProcess
GetModuleHandleA
Sleep
DeleteFileA
WaitForSingleObject

user32

SendMessageA
FindWindowA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ