07402ab2ada0ea73e892016b8749e7cd_JaffaCakes118 | Triage

Sharing

General

Target

07402ab2ada0ea73e892016b8749e7cd_JaffaCakes118
Size

5KB
MD5

07402ab2ada0ea73e892016b8749e7cd
SHA1

1e078f5167bf1bcd1a82b5ce385f65e580cf575c
SHA256

dea538199d224bdfb4e43f756b867dc5f8604be7c8db22c421d0f7631e20b778
SHA512

20544ad7198a4e8c83c3c7bbaa73cb03149e6dcaaef41f5d2923040db436cd412890cf1acace0e295d10fc4b570d1b3b1f5e30eca3d375e3241e92edab2924fd
SSDEEP

96:n32nG8MEFHZKmcUvqHM9oilQ5LEo4UMZ8:32Rs3HbiE4UM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07402ab2ada0ea73e892016b8749e7cd_JaffaCakes118

Files

07402ab2ada0ea73e892016b8749e7cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a2ff58a0c306b6ec53e91d23003c958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
ExitProcess
GetCurrentProcess
lstrcpyA
lstrcmpiA
OpenProcess
VirtualAllocEx
WriteProcessMemory

user32

SetWindowPos
ShowWindow
keybd_event
FindWindowA
SetActiveWindow
GetWindowThreadProcessId
SendMessageA
GetForegroundWindow
GetClassNameA
GetWindow
SetWindowLongA

advapi32

RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegQueryValueExA
OpenProcessToken

msvcrt

_mkdir
fprintf
fopen
fseek
fclose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE