443b15cbe021d5dc7e34e01285dc5ca6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

443b15cbe021d5dc7e34e01285dc5ca6_JaffaCakes118
Size

449KB
MD5

443b15cbe021d5dc7e34e01285dc5ca6
SHA1

16f6597ee0ce988005f534a717ad7365ba1fbaca
SHA256

84fff24081c12f2bb0c6e99f0eee3c7a509bc0f1f698a7c55ebe18f279348af6
SHA512

55a5b9ed2eb7d5ad3e566df7e03fbf8de75f01d775ebd58f1bbda82895a7d1a1f801415a363af6c6bbad00b98cd5d4435681634b24e68f72dc2a7018955f635c
SSDEEP

12288:50OOfMND6PPOcGV75kE5qvqbX+xZqzFM:WOOfMKi59qvGcqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
443b15cbe021d5dc7e34e01285dc5ca6_JaffaCakes118

Files

443b15cbe021d5dc7e34e01285dc5ca6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0aa41c99bce77c572ae74a4753e86f48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
ExitProcess
DeleteFileW
WriteConsoleA
GetCommandLineW
CreateMutexA
VirtualAllocEx
OpenProcess
GetTickCount
CreateFileA
ResetEvent
HeapSize
GetStartupInfoA
GetModuleHandleA
SetEvent
SetConsoleCP
GetEnvironmentVariableW
RemoveDirectoryA
SetLastError
ReleaseMutex
ClearCommBreak

user32

DispatchMessageW
GetSysColor
GetClassInfoA
GetDC
FindWindowA
GetWindowLongA
GetDC
GetCaretPos
GetDC
DispatchMessageW
GetCursorInfo
CallWindowProcW
PeekMessageA

linkinfo

CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ