Static task: static1
Behavioral task: behavioral1
Sample: 31479a16d53e965fbb43902ddae0beb9_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 31479a16d53e965fbb43902ddae0beb9_JaffaCakes118
Size: 472KB
MD5: 31479a16d53e965fbb43902ddae0beb9
SHA1: c9c740ac217a33596d73db68bf5d85a425c1bd1a
SHA256: 57f69785ad393bc02a027a6f9128edd297705edcc416af2e110650387ce8ea7d
SHA512: dd46224baf7b838b353c8a3181e5868e350a9c020b1f65d1bc459ca828bf4722483999e134376cc414edc229efba58a8c4f03f6e1fe8f7b89edb32518161a5d8
SSDEEP: 12288:vTOAkRj7IqoRHaxYmzzxrFdLh/20lRSgi:v6AkRjyaxYmdxdLxt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 31479a16d53e965fbb43902ddae0beb9_JaffaCakes118
Files
31479a16d53e965fbb43902ddae0beb9_JaffaCakes118.exe windows:4 windows x86 arch:x86
aac60df60ca85a65dc1aa5d99d8cccdd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateDirectoryA
lstrlenA
GetTempPathA
RemoveDirectoryA
SetCurrentDirectoryA
EnumResourceNamesA
GetUserDefaultLangID
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
GetPriorityClass
GetCurrentProcess
GetCommandLineA
lstrcmpiA
DeleteFileA
SetFileAttributesA
lstrcatA
GetStartupInfoA
ExitProcess
GetModuleHandleA
user32
CharNextA
wsprintfA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 906B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 456KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ