27057ef8bdcb65671654eaac928d2bfa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27057ef8bdcb65671654eaac928d2bfa_JaffaCakes118
Size

15KB
MD5

27057ef8bdcb65671654eaac928d2bfa
SHA1

7fc7c7f6581847098c4a79c642cc33ddaab864de
SHA256

1504a9e8da7105cefd7d8673193151bbecc4ac0aa58adbc018228c883f0adc9a
SHA512

01d6691189e035b355cb0c4a2f2e5f08f2665ae3b19849ba3e10c58a450e7939c2b82ffa67122d1450e975ddfabdeb6f42e619a98308a1df5773af83e0d795b6
SSDEEP

384:m9xiw0PwXWum/VuhAVKxmnkd0NoJRUWh:eeuRhC2Ukd0CH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27057ef8bdcb65671654eaac928d2bfa_JaffaCakes118

Files

27057ef8bdcb65671654eaac928d2bfa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c39b5b2ab2297407d12d3124adc700e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CreateFileA
WriteFile
GetSystemDirectoryA
lstrcatA
CreateDirectoryA
CloseHandle
lstrcpyA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ