029e80d6316c7e098f8dec182dd31724_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029e80d6316c7e098f8dec182dd31724_JaffaCakes118
Size

54KB
MD5

029e80d6316c7e098f8dec182dd31724
SHA1

05fcbf89f213dea048fc4d81ee555162f6d4ba99
SHA256

11c546a34b2a45d90cbe86abc87afc8a35863eed19239f27ccae94e2970cfa7a
SHA512

bfb4b32c11024d89f74355b37330805639ce8b9fc5b51c2d9f5efeaf5b3a6ffc2a05b67253d8db550fa8e3ac9f5f3bf749a50cc7a0d37d0cf112e9c9bad00bf7
SSDEEP

384:OG4Vctc5Gbmq3B69FBc0aFH/lcgygsRD6BmNFUTQkpWB+/xC75PPEFC:P4Vctc5qmN9X8oR1QQr+5SD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
029e80d6316c7e098f8dec182dd31724_JaffaCakes118

Files

029e80d6316c7e098f8dec182dd31724_JaffaCakes118
.exe windows:4 windows x86 arch:x86

944f15cc6a14b0d6381c8099770e3c37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleFileNameA
GetModuleHandleA
GlobalAlloc
GlobalLock
WriteFile
ReadFile
CloseHandle
SetFilePointer
CreateFileA
GetFileType
GetStartupInfoA
GetStdHandle
GetCommandLineA
SetUnhandledExceptionFilter
ExitProcess

user32

MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ