27f21e4839d2ae388455d8c44abd8e97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27f21e4839d2ae388455d8c44abd8e97_JaffaCakes118
Size

6.8MB
MD5

27f21e4839d2ae388455d8c44abd8e97
SHA1

18795ef0b6af1e2b8a5925b11f01c7cf996313f6
SHA256

d047ed79a7f1dd69ee49f7fda26531c1e9320e42e171cd7f2a39ade5d837d1b3
SHA512

54067ca12f6aba2638c4f90d5ba95be6c258cb2973dbbcf47172748038326a23b335b31d5bc41fef09343f88f1f8b370afc39378850e743ac9d70d1e72410bfd
SSDEEP

196608:nVFobqHK0Lngac2Rgs6frnbn7wKEG7tn:nV2+HNjgacrfrb7wdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27f21e4839d2ae388455d8c44abd8e97_JaffaCakes118

Files

27f21e4839d2ae388455d8c44abd8e97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a359299f874cb898424ffe422bb69045

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
SetCurrentDirectoryA
GetTempPathA
CloseHandle

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ