dd9fd404d6a6af9bd7b26439e51b076d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd9fd404d6a6af9bd7b26439e51b076d_JaffaCakes118
Size

23KB
MD5

dd9fd404d6a6af9bd7b26439e51b076d
SHA1

f620b422094926066e4009fb71630d2575932e1d
SHA256

049ac8333b1d65611d80d81753c1fe1b59a195710c50b9ed1cf397ea22700b01
SHA512

17dac6f9bf2ae8560270adfd3885f1706decc5f1e16559e6b29b240b2404b5bcb663a272cf6f56bf8faf3dc72c970b24528c9a1d85f77952c6ddfe0a2cf26edc
SSDEEP

192:vdNXOGmgTP492RLecEvjSCA3LJ9TBL8xftDS2Mo5tVy0foQ+1qsHd9p6FZLcKfh6:VNo2K783l9TaLnMo5Ft+1d9T6F5ffE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd9fd404d6a6af9bd7b26439e51b076d_JaffaCakes118

Files

dd9fd404d6a6af9bd7b26439e51b076d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

438488a30d4195eceb8c2f4659097e5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
WaitForSingleObject
CreateProcessA
GetPrivateProfileStringA
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetModuleFileNameA
GetVersionExA
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
VirtualAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
CloseHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WriteFile
HeapFree
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind

user32

MessageBoxA

lz32

LZOpenFileA
LZCopy
LZClose

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ