0464c35a88a7aaab154f6413e1475228_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0464c35a88a7aaab154f6413e1475228_JaffaCakes118
Size

23KB
MD5

0464c35a88a7aaab154f6413e1475228
SHA1

2d90750bde1257df3103499a836f1230714e5f23
SHA256

8a83778412c73afb36ecc21d5851b529de40371b8303185ab66ac499c49b323c
SHA512

28bd9c83cc60ed1e3bae7c0261dde876aea9787688dc6b3bca69b48d6d05ec370a0e5987adf6590ac18e54dc7a045288951bac30c879c9a12eac92b7a2c625b4
SSDEEP

384:fO9iUzhWcHkG0W/8AoWheLXVBYkkjuv1hkNLdbaLa4CwUJuUCSFCJWe8EDEWW:7OhWcqAXEVBxkjuv7wbaLa4PU48IM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0464c35a88a7aaab154f6413e1475228_JaffaCakes118

Files

0464c35a88a7aaab154f6413e1475228_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e0cd9bb60c14129fcfcc10e2949423c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
WinExec
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
GetTempPathA
GetSystemDirectoryA
Sleep
GetPrivateProfileStringA
lstrcatA

user32

MessageBeep
GetMessageA
wsprintfA
MessageBoxA
TranslateMessage
DispatchMessageA

msvcrt

_except_handler3
_stricmp
atoi
strrchr
_itoa

netapi32

Netbios

Sections

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ