4557d69f433843877d0b89a924d809d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4557d69f433843877d0b89a924d809d8_JaffaCakes118
Size

20KB
MD5

4557d69f433843877d0b89a924d809d8
SHA1

c8a7182aa2cb4855fa65303b4fe09e7d675d4aab
SHA256

a01f1858b6a8a262cf011b5692c783c761681496d92f78460fec3ab0cbadd705
SHA512

6aa5d67fbe79f0a607422c7654749f7055115024435aedcb83ac15c7af96f4b6bef7cc3b5d7ca69adf101fb4703ad2a7630e7be3d5e39a33b4b77b5b17090067
SSDEEP

192:tIvhz9kQU/hTyec0UmgGIVL8IU+gSkUslAxR5DJyRisQfQwgODokKam4xViZyx:P3c0dgGxHUFCBwQram4x8w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4557d69f433843877d0b89a924d809d8_JaffaCakes118

Files

4557d69f433843877d0b89a924d809d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b38c4706edbe23ba00098a1e4a35f6ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
CloseHandle
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
WriteFile
ReadFile
CreateFileA
lstrlenA
GetTempFileNameA
GetTempPathA
lstrcmpA
GetProcAddress
GetConsoleTitleA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

SetForegroundWindow
GetWindowThreadProcessId
DispatchMessageA
TranslateMessage
PeekMessageA
MessageBoxA
EnumWindows

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ