30674652bafc00fd4f614871c415f005_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30674652bafc00fd4f614871c415f005_JaffaCakes118
Size

8KB
MD5

30674652bafc00fd4f614871c415f005
SHA1

c344dbfe2aa7eafc9b805f12b12b353c62fa02e7
SHA256

f57bef274df1cb97f994c3fb7bbd115a617db1f2c1b67a1261828db10fd91a3d
SHA512

e2bd02799f720b0873d96225e0843d0ef01120f3f6976f916841296a4890bc7a636b4d3eb16443b2c372ee6dc153363ab041dce0971a9ab1a35dab403937c4bb
SSDEEP

48:OEPdo0v8qMXf6Fkr88mN+34olYwMButC3MduGBH+PcBc:nPdOnf6Fkgbc34IYwM4Q8wGGcBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30674652bafc00fd4f614871c415f005_JaffaCakes118

Files

30674652bafc00fd4f614871c415f005_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c895087f77097c5f7c96b3f3882eff5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
CreateFileMappingA
ExitProcess
FindFirstFileA
FindNextFileA
FlushViewOfFile
GetModuleHandleA
GetProcAddress
LoadLibraryA
MapViewOfFile
SetFileAttributesA
SetFileTime
UnmapViewOfFile
CloseHandle

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ