1c0b852b566a9d9753fb6d22b57415dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c0b852b566a9d9753fb6d22b57415dc_JaffaCakes118
Size

303KB
MD5

1c0b852b566a9d9753fb6d22b57415dc
SHA1

767860666196fb6615526938ba49e0cdf4613d99
SHA256

f3ad7a699f236aae48076df9fcc06186ca8d5bfb35fe2d504604afe9e50aef2a
SHA512

1ecccb9716a2d33faef861f4b9b05d622689eb2a2788e38b744f4c7731e7004d329d20ba84496bcc6a1798ff26e30316b8a445070c5c5d11b96cd9e142ee518e
SSDEEP

6144:C1FbxMtwB442mNFzpKbkYAs2Pnem80uZe:CP/lpztPB8Re

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c0b852b566a9d9753fb6d22b57415dc_JaffaCakes118

Files

1c0b852b566a9d9753fb6d22b57415dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fcf57146ab824bb067bf2896f723f7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
CreateFileA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ