07f80c0324be5498205c0b211904b6f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07f80c0324be5498205c0b211904b6f8_JaffaCakes118
Size

17KB
MD5

07f80c0324be5498205c0b211904b6f8
SHA1

0906207a07e30a85830c213f72818a6d731e924a
SHA256

94b911d8d470a1dc972df5e7316b88b2686d1b2c5958f3c4333c39e3a049bfbc
SHA512

4350a805510217bb34a1b83cceee353a0048f052dd913f1fd27152c89575c84199a9a716ecf31d3737e8dae765956ecf8a94b2f50e0fe75da5ebb9b9030d5c67
SSDEEP

384:lHEhnHoOO9qOpb80EICjw7NLb0BCSGlH/Hq1D2e46f8Z36:SxIOmqe7NLYBzeH/HDe0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f80c0324be5498205c0b211904b6f8_JaffaCakes118

Files

07f80c0324be5498205c0b211904b6f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ