fc48edad2b85b148813ca8e9a5b65e21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc48edad2b85b148813ca8e9a5b65e21_JaffaCakes118
Size

3KB
MD5

fc48edad2b85b148813ca8e9a5b65e21
SHA1

25704c1c72136da232a305407c6e9b6f355c133b
SHA256

2b9c8fc5312554e93c98c2f6ff2cb5a8069bc4e323d5eceaae0f44f66910d8e6
SHA512

6a71c90ecb586e8150121bc90e2aa3adeae5d1d5be1feedd926d28b6bfbf8b6aab029fd16f2f05400330e45e8152b0a195dbc4674e1bc06af70db4526a670d40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc48edad2b85b148813ca8e9a5b65e21_JaffaCakes118

Files

fc48edad2b85b148813ca8e9a5b65e21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

515421f9d38afbc88fbb408a184408f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess
CloseHandle
WriteFile
CreateFileA
GetShortPathNameA
GetModuleFileNameA
GetModuleHandleA
WinExec
Sleep
GetTempPathA

Exports

Exports

DF
LLibRary

Sections

.text
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE