1497f274589c116ae9c2a41a995c9adf_JaffaCakes118 | Triage

Sharing

General

Target

1497f274589c116ae9c2a41a995c9adf_JaffaCakes118
Size

5KB
MD5

1497f274589c116ae9c2a41a995c9adf
SHA1

d7533417baf8ee1841443c2ad8e054a03d53f0cc
SHA256

43f81cbba14681ff944c522fdd22866ef1be3938bfa8a1337d4f7335f7a52513
SHA512

2982fb1c9d58d5043526c091f1d4cf7b3063ac54f7fcbca5041f9e56d756375691e73e8ccbc8313878561ecf8c21e16e721e3b85f5f7874e419a1aa5446cadcf
SSDEEP

96:18dDlgcNhFxW/7n01fLXVvNzVNgvpJMC9prpwy12vkWnliu2NkzLUssCFzs608x:18QcNhCefTVvNztCTr312vkWl92NGosD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1497f274589c116ae9c2a41a995c9adf_JaffaCakes118

Files

1497f274589c116ae9c2a41a995c9adf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11230e9744c56754480a43b992118932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
WinExec
GetTickCount
GetTempPathA
GetProcAddress
LoadLibraryA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetWindowsDirectoryA
GetCommandLineA
GetVersionExA
GetLocalTime
ExitProcess
Sleep
CopyFileA
GetLastError
LocalAlloc
InterlockedExchange
RaiseException
FreeLibrary

user32

wsprintfA

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
sprintf
_itoa
fopen
fscanf
fclose
strchr
_stricmp

rpcrt4

UuidCreateSequential

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ