Static task: static1
Behavioral task: behavioral1
Sample: 0627b58424d315a4b0086318e1afc906_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: 0627b58424d315a4b0086318e1afc906_JaffaCakes118
Size: 16KB
MD5: 0627b58424d315a4b0086318e1afc906
SHA1: 81dd90736b58f551777488ca830c2c8b4a7282d8
SHA256: 258796894a9a7febea7e1a8b8cd3b0ac4edca066971fad7849c4f86a0ae234dd
SHA512: 81317c9175ecf11073d8a0c98ec65a028b89f8446b53a8c2ef56a8456006467952746f57462b72b4960a066aff7a01896ab17b6196094c5a378bf6a9fa19c469
SSDEEP: 192:86MF93Uzsvdg7aa5EM8b12y5WmCTcfe4WDaN6:0b7lgTEB2y5WxTGWDa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0627b58424d315a4b0086318e1afc906_JaffaCakes118
Files
0627b58424d315a4b0086318e1afc906_JaffaCakes118.exe windows:4 windows x86 arch:x86
b30d8a45e99c9fbf2a8616812e4bbc0c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateThread
Sleep
ExitProcess
GetLastError
CreateMutexA
CloseHandle
WriteFile
CreateFileA
TerminateProcess
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
GetTempPathA
GetSystemDirectoryA
GetPrivateProfileStringA
lstrcatA
Process32First
GetCurrentProcessId
OpenProcess
Process32Next
user32
FindWindowExA
PostMessageA
GetWindowTextA
GetForegroundWindow
wsprintfA
MessageBoxA
MessageBeep
GetMessageA
keybd_event
DispatchMessageA
TranslateMessage
advapi32
RegCloseKey
RegCreateKeyA
RegSetValueExA
msvcrt
??2@YAPAXI@Z
_except_handler3
_itoa
_stricmp
strrchr
atoi
netapi32
Netbios
Sections
.data Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ