1ab4cf3c023b3ed6cb769c92867f4389_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ab4cf3c023b3ed6cb769c92867f4389_JaffaCakes118
Size

63KB
MD5

1ab4cf3c023b3ed6cb769c92867f4389
SHA1

5833e207233ed01995f49d077cf0ed7f5b402959
SHA256

d64b1a13a310bc491e0d99f7bf52444d329bdf9f2cee89e2d55c5711c7a38779
SHA512

d1d0952a27bcdda01df17c4ddb9acbdb2bf5b090ca069e486731350b2e30a0b4eca23941d4174a00eab46bd223bbde9331c891ab3e1a61b63e87af05ad346c40
SSDEEP

1536:xsNw8rAkACUkilKLXG99V9rOMuvRmOR4VjdUh7:xQwpkL7LW9f5OMjOR4V5e7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab4cf3c023b3ed6cb769c92867f4389_JaffaCakes118

Files

1ab4cf3c023b3ed6cb769c92867f4389_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2921615adfbb658d6aa0f35720b8f430

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
HeapAlloc
HeapFree
GetProcessHeap
WriteFile
Sleep
ReadFile
GetTempFileNameA
LoadLibraryA
GetModuleFileNameA
CloseHandle
GetTempPathA

Sections

.text
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ