Static task: static1
Behavioral task: behavioral1
  Sample: 2551de1c54f82ea06cda3372dbd41cf8_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2551de1c54f82ea06cda3372dbd41cf8_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 2551de1c54f82ea06cda3372dbd41cf8_JaffaCakes118
Size: 24KB
MD5: 2551de1c54f82ea06cda3372dbd41cf8
SHA1: 93c637f25d2ce557fc87584a61ce491a9ace3b83
SHA256: da83ca589ab7b2e2080e2a965d0eb05f6464aedeb27ee207606370ec0fdf01ed
SHA512: 0cd19ac405425438cb9690149f8f56f39a572b7403876c86c2c09280a8fbcf20f7cff06c30536da278af9f00ab173f644f08feec1d712ad1b455134bf8a48fe8
SSDEEP: 384:fnzIgJAryzNtcMyx0+85uezec3EfppS5EqPeu6SNtEZVdsIv6/Hx:fzvJAfxY4c3EfzrqPeGt5x
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2551de1c54f82ea06cda3372dbd41cf8_JaffaCakes118
Files
2551de1c54f82ea06cda3372dbd41cf8_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad3c7e3330adaf7232fa184a9091b7ba
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
GetLastError
GetModuleHandleA
GetCommandLineA
ExitProcess
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
RtlZeroMemory
RtlMoveMemory
CreateFileA
WriteFile
CloseHandle
TerminateThread
TerminateProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
FlushFileBuffers
user32
GetDlgItem
SetFocus
EndDialog
SendMessageA
SetDlgItemTextA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClassNameA
GetWindowThreadProcessId
ShowWindowAsync
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 504B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ