348941abec3acca5566f3f866ee01358_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

348941abec3acca5566f3f866ee01358_JaffaCakes118
Size

23KB
MD5

348941abec3acca5566f3f866ee01358
SHA1

28515b113dac3b1ab1816ff321d1d6321245a835
SHA256

9a1bb9c0eb48a6a141019642879715330bc6d2d5efefb3b94135d7d835a28187
SHA512

38cd4088acdead6723e45abff9e81e0d002d56c240b082346a06d03237c0958e6a7756250d06938823df4df26d06d3615f66e0b474a9d8c9053e9c49c58d493a
SSDEEP

192:7IjnCsIE6JBSNmzYdokPyBu/N72kAX6SEkhcKpilHmTAZbebAtMGV18gg:7VEQBSNeJkqKN7axcKYlHmzTGf8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
348941abec3acca5566f3f866ee01358_JaffaCakes118

Files

348941abec3acca5566f3f866ee01358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9eff66ec1fa111afcfb6e10666cb9da2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

CreateFileA
WriteFile
WinExec
CloseHandle
ExitProcess

Sections

.text
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ