Static task: static1
Behavioral task: behavioral1
Sample: 0a4527cd989f75bca25a0bc2c816e845_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 0a4527cd989f75bca25a0bc2c816e845_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0a4527cd989f75bca25a0bc2c816e845_JaffaCakes118
Size: 885KB
MD5: 0a4527cd989f75bca25a0bc2c816e845
SHA1: 1c2998eb3647aebada3c0904f91392598fe97ecf
SHA256: 40414127349525d4914afcce0c4ef14ee694a0ee45842ad932338c24eba16f56
SHA512: 15563b1117cb45c61455ef227044e254594d8ae53edf9cbd77560c96fad60d15d37a08110bc74afb43fc29e05c87524192faca102361ba29cf91fc4bd2d0ab5f
SSDEEP: 24576:JvXqcyK1sFv/LiHu8gdGY0QkENCn+n8e3JJqHqyzCMzTp7CgS:dbyYsFvjIYFko+BH9pM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a4527cd989f75bca25a0bc2c816e845_JaffaCakes118
Files
0a4527cd989f75bca25a0bc2c816e845_JaffaCakes118.exe windows:4 windows x86 arch:x86
3d05135032f86cc84003861744e4f532
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
CreateFileW
VirtualAlloc
GetProcAddress
LoadLibraryW
GetModuleHandleA
GetCurrentProcess
CreateFileMappingW
GetLastError
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 492KB
.idata Size: 512B - Virtual size: 496B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 412B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ