db020215236cf0246bcbeff860a33dea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db020215236cf0246bcbeff860a33dea_JaffaCakes118
Size

149KB
MD5

db020215236cf0246bcbeff860a33dea
SHA1

d8a5ee9e03dc2902360798a54ad799be7e11b4c8
SHA256

a55aceeea62ff482f183ad74e77b9713495664bd0cdfbffca0197a5ca735d4a1
SHA512

40e1fdf63d41608e0a6ea0ffb3b5b8b2d1e7dbfb1a4733c1b497e74468424a06adb1c1daee8c69d0561810bb74b529ac3475c2a5a14541fe489bc256d2705b1f
SSDEEP

3072:ukWjXGBUxlJABfYWlpAOMMGKXcsr1NhwG7+0KtmDCp7UNKkQK4up:ujjXB/WEHMPhwe+QDa7VkQWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db020215236cf0246bcbeff860a33dea_JaffaCakes118

Files

db020215236cf0246bcbeff860a33dea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98f95398f1997d9a273613749338e36d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
GetModuleFileNameA
GetTickCount
FindClose
FindFirstFileA
FindNextFileA
lstrcpynA
DeleteFileA
GetTempFileNameA
lstrcatA
lstrcpyA
MoveFileA
SetFileTime
CloseHandle
WriteFile
CreateFileA
GetTempPathA
CreateProcessA
LoadLibraryA
GetSystemDirectoryA
Sleep
SetConsoleTitleA
GetCurrentProcessId
GetConsoleTitleA
ExitProcess
RtlUnwind

user32

ShowWindow
wsprintfA
FindWindowA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 144KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE