1610145a3d12730fb30aa01f537b74d5_JaffaCakes118 | Triage

Sharing

General

Target

1610145a3d12730fb30aa01f537b74d5_JaffaCakes118
Size

23KB
MD5

1610145a3d12730fb30aa01f537b74d5
SHA1

9b910371ee368f701a15e9bfbc3733d3e61bd36f
SHA256

4e0f5910593eddaa53a4be1c8db39a9792216b76d0fadf502570e83365f434f5
SHA512

6e758de8ea3285fe1902425f144063941b137647b7b6f1fbd3af233ff625448469874fe161d0bc10c094e34b89d96a10c699c768e741963d4f5ddb730b3c17a5
SSDEEP

384:eX9ujs3rS04fy4Kn7e1pfJC7b07RaTYThmeSESQyfISDag4+f1fSBXMWbC53nq1x:eEs3zkSeTfKko4hpLSQ9SDx4+f1fSBXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1610145a3d12730fb30aa01f537b74d5_JaffaCakes118

Files

1610145a3d12730fb30aa01f537b74d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3a0961f2561b44362bdcfb773ee9a99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalAlloc
CloseHandle
ExitProcess
GetModuleFileNameA
GetCommandLineA
HeapAlloc
GetProcessHeap
HeapFree
GetStartupInfoA

user32

wsprintfA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE