28e324608fa880fb52e778a414d332e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28e324608fa880fb52e778a414d332e8_JaffaCakes118
Size

34KB
MD5

28e324608fa880fb52e778a414d332e8
SHA1

d22678644b0b0e59706bd148e3e6a1d39594fca6
SHA256

d793af37756894f599d77390ea99a6b82b21c4034dac6d0f2d3625f3cc5cf5cf
SHA512

cce05b03c90ae50d52a64d40353efc77a6fd1caa37aad88a8a5620e733f70758fd9c64c4166594dd0808f07823e5630b97b22d0f5eddd6ce004c25c48ec4c27e
SSDEEP

768:UOwVeZ/TJCmQQLYTfmHqGmPZBL7T5rK1E2sdyH:UvE/T0mQnSKGmBBL7T5W62V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e324608fa880fb52e778a414d332e8_JaffaCakes118

Files

28e324608fa880fb52e778a414d332e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af7fdb9ebf2cb69a553a3b994499fc16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetDateFormatW

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

shell32

DragQueryFileAorW
StrStrIA
DuplicateIcon

Sections

.text
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE