Static task
static1
Behavioral task
behavioral1
Sample
54b8423d613fc34516c526522f7a7458_JaffaCakes118.exe
Resource
win7-20241010-en
General
Target
54b8423d613fc34516c526522f7a7458_JaffaCakes118
Size
240KB
MD5
54b8423d613fc34516c526522f7a7458
SHA1
f696369e985b7a323b569f61c5f7facaa2acc73b
SHA256
6628e3f4058a70b67523f49a761a71624adc4f3f548cda417047968ef1869a99
SHA512
c55e05ab6492d0602ac7b51667ee624e2105876b488aa4cfe32c125011e9c6b902004d4a68b21d445428d54ceba3e3d4de0f01169f485e5fda5dc22333cb85fa
SSDEEP
6144:10SPHzF56m4v3uPuRW47d6ymueNqEGQBCYtPWuFuwdJuS3:BHzGGPuRf7Gu5EEY9WuFumc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 54b8423d613fc34516c526522f7a7458_JaffaCakes118
Files
54b8423d613fc34516c526522f7a7458_JaffaCakes118.exe windows:4 windows x86 arch:x86
c844cf00cc9cb0fcc941ffdaef48ad29
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
shlwapi
PathFileExistsA
PathRemoveFileSpecW
PathFileExistsW
PathRemoveFileSpecA
PathAddBackslashW
PathIsDirectoryW
user32
EnableWindow
PostMessageA
EnumDesktopWindows
SendMessageA
GetDesktopWindow
PeekMessageA
FindWindowW
kernel32
GetProcessHeap
GetPriorityClass
GetFileSize
GetTempPathW
ExitProcess
SetEvent
GetModuleHandleA
ResetEvent
GetCommandLineA
SetCurrentDirectoryA
cfgmgr32
CMP_Init_Detection
Sections
.text Size: 165KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.strings Size: 5KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ