109b5f5573da958e53668bda50fa92ab_JaffaCakes118 | Triage

Sharing

General

Target

109b5f5573da958e53668bda50fa92ab_JaffaCakes118
Size

350KB
MD5

109b5f5573da958e53668bda50fa92ab
SHA1

4d1a1eae40de2750ba41e5121a8da34fdb91cd23
SHA256

f230f37fafc957ef62918f634488d597bf01e8e0804328be96dabb13e2779957
SHA512

677057944dd273f520fef1a3809d8a3265c8f89cbd19bd3767d4ad1c123a105df9a531e694f68156da4df490410291b17ddf5bd99f87b3f729b06e7522522171
SSDEEP

6144:Lxn71DE51BaiuV7wiU6gAg3t9YAwF4AWZholGkclwfcGcQgS8zkKdPk3gg:Lxnxg5IrgXP3GtWPolcldrJzvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109b5f5573da958e53668bda50fa92ab_JaffaCakes118

Files

109b5f5573da958e53668bda50fa92ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.49Ke
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IJ80
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2728
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE

Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE