e94dd8a94b2dc9c320f02dc34d2c9000_JaffaCakes118 | Triage

Sharing

General

Target

e94dd8a94b2dc9c320f02dc34d2c9000_JaffaCakes118
Size

274KB
MD5

e94dd8a94b2dc9c320f02dc34d2c9000
SHA1

6ce83b3f606b762e9abef5d36fe784f2801e7f37
SHA256

414cbfc6f92d3d0896fd44d712e3809996b597f79c95ba25b29b4043dde54b6e
SHA512

e35dcb70ab1e9f2f62ced00c470b4c527b4196e0b0d7fa3db9e9e840517bb66817445382d5dea8ec3f2b46ff633fcc27fb41a45c896b37ea20813bd8c5c233a5
SSDEEP

6144:dYfAzMrvGCvzTkfmvgLq4BgR6T4C4kd8V8TEDVwSRP2Y8PWT:WCMz5TPvWT5PTEDOkhcWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e94dd8a94b2dc9c320f02dc34d2c9000_JaffaCakes118

Files

e94dd8a94b2dc9c320f02dc34d2c9000_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bebbcf8ab93c1defb8b1d7e96c8ff431

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
CreateFileA
GetModuleHandleW
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW

gdi32

GetStockObject

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ