ff01cc946f0f34e8f14d18516d5f38da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff01cc946f0f34e8f14d18516d5f38da_JaffaCakes118
Size

70KB
MD5

ff01cc946f0f34e8f14d18516d5f38da
SHA1

93ca9ad8c42ae67a8b523e1b4ab5642ac23b1fe7
SHA256

ed6192241fc3c8bdb00e3c32058950576936deab2bdabc76ff92b681e57981ab
SHA512

ae0ab32bf925ba10964f9703e602abd7cb4f50ff711f46007c873008de65992ecdfb357bfb7478fdc1ce825182b247e12b99d0b48b530064ed1063dd392ab148
SSDEEP

1536:K5BxIxR0CTlCzsm1Uelejtaeas7BuAoFibDktbfvbs1JINBVOR:K+X3cMhRvsAHmA1WNBVOR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff01cc946f0f34e8f14d18516d5f38da_JaffaCakes118

Files

ff01cc946f0f34e8f14d18516d5f38da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c99e62669567cfc55dbd7c22230a0b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
OpenMutexA
WriteFile
SetFilePointer
ReadFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
Sleep
CreateProcessA
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind

user32

CreateWindowExA
PostQuitMessage
SendMessageA
RegisterClassA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ