1732966a0062e93cc8aaa376cfe34785_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1732966a0062e93cc8aaa376cfe34785_JaffaCakes118
Size

19KB
MD5

1732966a0062e93cc8aaa376cfe34785
SHA1

2b14d542da39d6ac527f589f43509746bb9287ee
SHA256

e29decd3a9bf6c5cab8b08b6d285c26bdb787ed50c249d1e230579158b3262b9
SHA512

532d8e46434941ba9b8c5492eb59df9fb65c4286338d23af46dc3a7481acb6e70d41feda7040ee80de276e9c83c2cef1def8ce1e38f310f845e02d38276b19f3
SSDEEP

384:e8O3nV+3o8jMjCYAD4uZOssxtXl343KOlXBocZYINbul0fG34o:Ws3o8jMjCYAD4uZUxH3GXBocZXNql0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1732966a0062e93cc8aaa376cfe34785_JaffaCakes118

Files

1732966a0062e93cc8aaa376cfe34785_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f3e065f0a514ad4ab1a46396e694dc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTempPathA
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
CreateFileA
SetEvent
WriteFile
ExitThread
GetVersionExA
CreateThread
ExitProcess
RtlUnwind

user32

PeekMessageA
CreateWindowExA
TranslateMessage
ShowWindow
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
SetThreadDesktop
CreateDesktopA
wsprintfA
DispatchMessageA

shell32

SHGetFolderPathA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ