Static task: static1
Behavioral task: behavioral1
Sample: 110169d5b1840f513c1e53abe898496e_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 110169d5b1840f513c1e53abe898496e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 110169d5b1840f513c1e53abe898496e_JaffaCakes118
Size: 318KB
MD5: 110169d5b1840f513c1e53abe898496e
SHA1: a7055edb997344673e2e100c00431f766a06b286
SHA256: 1e3cab4e5be79f781f2896484f01a76d02f15b99974531541095e455089d5301
SHA512: 69d188fc8c7513ab3e0703986d5226c894e40adc92f04ce1c16f82f9f643d57342b99e9f054685f88eae89f29b5fa39b85633d1c924e48422160ba776d6f1391
SSDEEP: 6144:1xMLnkNIwbteEJn6kpSSVzTa0M+4w8Wa8U+vcKs70IZc:vMgfeEJASVBMLWLi0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 110169d5b1840f513c1e53abe898496e_JaffaCakes118
Files
110169d5b1840f513c1e53abe898496e_JaffaCakes118.exe windows:4 windows x86 arch:x86
6d621d4d18751fc75c409821a1fde14b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
WriteFile
GetProcAddress
WinExec
LoadLibraryA
LockResource
GetModuleHandleA
VirtualFree
FreeLibrary
CreateFileA
GetTempFileNameA
GetTempPathA
CloseHandle
GetTickCount
LoadResource
SizeofResource
FindResourceA
LoadLibraryExW
SearchPathA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
MoveFileExW
GetCommandLineW
user32
MoveWindow
GetWindowRect
GetDesktopWindow
SetDlgItemTextA
EndDialog
SetTimer
DialogBoxParamA
shell32
SHGetFolderPathA
CommandLineToArgvW
Sections
.text Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ