22b3249378247ab5235904d0d3d9dd7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22b3249378247ab5235904d0d3d9dd7c_JaffaCakes118
Size

375KB
MD5

22b3249378247ab5235904d0d3d9dd7c
SHA1

b942054c4e56d7bd24d7126ec1fff89da5951c51
SHA256

a612f3d1f9fe35edaa239f2b39e1c1d558485d958b64ce61b073d5172b86db2d
SHA512

d249bf176535ea2d1821b2ce6290704b3d5beb854719b58d69813b3655ee6dc9b4ebe74bb90700b6186709a51fe7bd0a43f70c0aab6dec5b5b631ec9cb64ae39
SSDEEP

6144:dVMOpLIqNBgIiMntgvx73EuRiSTvQyl6zQBh1bcR1xY:d7pLIqNqIiMn0xrUSLQyl6zQNbKTY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22b3249378247ab5235904d0d3d9dd7c_JaffaCakes118

Files

22b3249378247ab5235904d0d3d9dd7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.5syD
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k1jY
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3NTu
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE