21c6d5e9884f12eee300da8a18fac092_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21c6d5e9884f12eee300da8a18fac092_JaffaCakes118
Size

13KB
MD5

21c6d5e9884f12eee300da8a18fac092
SHA1

60f16eee5f47224d36f9732da4b15cb562c62b6a
SHA256

d10c01444f2bf9cde5f83fa335fcce8ae3ecd08f163594f853582977565abb88
SHA512

5e22f34ff37072941deea9a16d6de89a1c3400931c649c3a7664cd5f7ead2c4e1a97c8ba73910b7fade5c9c9ef3f0176e59e0906a3e1a0ac9a9ce4764ba8f0a3
SSDEEP

384:n6COA4nyy4lBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBy:n6wqyF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21c6d5e9884f12eee300da8a18fac092_JaffaCakes118

Files

21c6d5e9884f12eee300da8a18fac092_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0288eb4d2fb5a63f262eb95583b4e587

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mapviewoffile

GetExitCodeThread
WaitForSingleObject
Sleep
CreateRemoteThread
GetProcAddress
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetModuleHandleA
LoadLibraryA
FreeLibrary
FindResourceA
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetTastError
CreateProcessA
UnmapViewOfFile
e
5
leMappingA
or
�UnmapViewOfFile
e
MapViewOfFile
SizeofResource
LoadResource
CreateFileA
LockResource
WriteFile
GetLastError
CloseHandle
5
eGetTastError
teProcessA
mapViewOfFile
ingA

ppinga

CreateFileMappingA

�mapviewoffile

eateProcessA
astError
mapViewOfFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ