f1a38c79666bf79e88b2d8ef6f9914ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1a38c79666bf79e88b2d8ef6f9914ae_JaffaCakes118
Size

2KB
MD5

f1a38c79666bf79e88b2d8ef6f9914ae
SHA1

86169615207b86638bd81914212dfafe63dc68e1
SHA256

31ca4a86de1c6c8d10df7e4db5237c9ec2410e784a339f6ffaa22ff5ee3b9ff2
SHA512

f5cf9156ac66c96cc0f93dd38f0101d07de1f4dcee45681b286dae5cdf429290be5ef460587513a14710227cded20c88a2fb8c27c2fe73c7e9da286dd037eeb5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1a38c79666bf79e88b2d8ef6f9914ae_JaffaCakes118

Files

f1a38c79666bf79e88b2d8ef6f9914ae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

38b861dc47a1d43dc2f5bede214ea1d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapAlloc
WinExec
lstrcatA
GetModuleFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ