1b7276b303f38535528dd95f1fdda907_JaffaCakes118 | Triage

Sharing

General

Target

1b7276b303f38535528dd95f1fdda907_JaffaCakes118
Size

4KB
MD5

1b7276b303f38535528dd95f1fdda907
SHA1

3e72670b2eed6cd4826d99db47841c1df522538b
SHA256

1cecfd2053b1ebc7f315f80089c804279b6e6e871d0444283c9dda4eb3ad2e37
SHA512

2eb44bee13f50f2a8d7ee2c27d2903a1c1eb1294791362538d8675c9998e6118a9bf641edb30320b61ab31525db916e7d0e9da9a4914b4e801d823df5b384eb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7276b303f38535528dd95f1fdda907_JaffaCakes118

Files

1b7276b303f38535528dd95f1fdda907_JaffaCakes118
.exe windows:4 windows x86 arch:x86

131084f2f2ca37a43b936ef1b14b7a92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualAlloc
FindResourceA
SizeofResource
LoadResource
LockResource
LocalAlloc
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
GetStdHandle
GetCommandLineA
CreateProcessA
WaitForSingleObject
DeleteFileA
LocalFree
VirtualFree
GetStartupInfoA
GetModuleHandleA

msvcrt

memset
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE