dc41e45631ade90ef3a0df2b1a420631_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc41e45631ade90ef3a0df2b1a420631_JaffaCakes118
Size

16KB
MD5

dc41e45631ade90ef3a0df2b1a420631
SHA1

6a4ce1cf2a0ac5a20a0ecf7dd97eb6aba3d105e7
SHA256

87fc3c3dcaa4636b68a2faf27a29a7bb9c73da2b1bbfbefbe40051278e566a22
SHA512

79bac9b620338ed0f072b4779008411a9e012f115750d1510ba9337b9bc0f968a82ade5f7fe5af62df29702fcdc220413d4c794c6aeece7c34ed08fab69f8a12
SSDEEP

96:aBH2lrjYsvoKeWMFDkDyttDyU+ZiL+lrYvoIx8JRWu:aUocRCwCmU+Zq+RYv5QW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc41e45631ade90ef3a0df2b1a420631_JaffaCakes118

Files

dc41e45631ade90ef3a0df2b1a420631_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bddc41d1417b8425e43aa25e0171148

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

rand
_snprintf
_beginthread
exit
strncpy
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_endthread
_CxxThrowException

kernel32

LocalFree
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
ExitProcess
WaitForSingleObject
CreateMutexA
SetErrorMode
MoveFileExA
CloseHandle
WriteFile
CreateFileA
SetFileAttributesA
GetModuleFileNameA
GetModuleHandleA

user32

CloseClipboard
BlockInput
MessageBoxA
OpenClipboard
keybd_event
SetForegroundWindow
SetFocus
ShowWindow
VkKeyScanA
EmptyClipboard
SetClipboardData

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantClear
SysAllocString

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE