100cae2d56325b7b3cea88bb8304f418_JaffaCakes118 | Triage

Sharing

General

Target

100cae2d56325b7b3cea88bb8304f418_JaffaCakes118
Size

8KB
MD5

100cae2d56325b7b3cea88bb8304f418
SHA1

12e00fff33eb5368d0f1ddb5e7cda8be3d9a31a7
SHA256

75129f6edcda6b647f5ddd3ba8c34fae12d4ddefd49d446920394c89792efb40
SHA512

25cd0717ffdaf56ec2cab95c6d750abcd95d285d0c7db7ad0dd49b62a916007ffab9b18acd2f8084f0c276f576e272f83b603420784663b24f3c67e9a464636a
SSDEEP

192:l9zXRdMGP9U34N6zJqEU3dBAaBU7PaYthJ:fXRdb1UQIcrwPaA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
100cae2d56325b7b3cea88bb8304f418_JaffaCakes118

Files

100cae2d56325b7b3cea88bb8304f418_JaffaCakes118
.exe windows:1 windows x86 arch:x86

251575623650bc933bad8739ca1c1602

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
Sleep
CreateThread
ExitProcess
VirtualAlloc
RtlMoveMemory
WaitForSingleObject

user32

MessageBoxA

ntdll

NtSetInformationThread
RtlDecompressBuffer

Sections

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE