154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118
Size

52KB
MD5

154e8fdca45e2371a56bf8cd85358d2f
SHA1

62ba8147524061aed744bd5dc4c66dba5ba89c37
SHA256

dee4bc1b73fe226baeeecc2dc6a7661bc031361c728aebdb366b7678e4f1a7cd
SHA512

b47f035cdc44d943db062da29b1a3bed4b417e1e23bf5d5aeb867d609d153c0291030526f478fc15d79864459ef8e619ae3bd0d5450095d48636391070cc3243
SSDEEP

768:8+AObw06ClYt6xMgR9YqOwfdGDIhmYFp5vciqO02/88:01ClYtzQFciq92/88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118

Files

154e8fdca45e2371a56bf8cd85358d2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7345f9497130be252852f565608edfb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetTickCount
GetTempPathA
Sleep
GetCurrentThreadId
ExitProcess
GetProcAddress
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA

user32

PeekMessageA
PostThreadMessageA
wsprintfA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BY С��
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bedrock
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE