392f749b48b8c4be1be6212c74edf084_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

392f749b48b8c4be1be6212c74edf084_JaffaCakes118
Size

113KB
MD5

392f749b48b8c4be1be6212c74edf084
SHA1

b9c86b735a78c87a565cf9015c9eb9606c91b925
SHA256

56ea13f0d9ea63de758e55d04abc1e77ad7fec20d47c96d45b61c9ee8b7511ac
SHA512

5f04b6f53e3fc6083c34badb303ee062a06eb240e5b488c967921e26473e01bb85193f6d0c090d01fb96c4d0e523cbdb70f81c0eae25d1e54d2b274a342a1700
SSDEEP

1536:ZXiYOw10V9YQ9E6hkz/wpyGatCP1drSRp+mxuHy3mYhqA/50sRdnHH0fHmeY4sRV:FixV9Yf6htpnawNA/AAhvDHHqGehq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
392f749b48b8c4be1be6212c74edf084_JaffaCakes118

Files

392f749b48b8c4be1be6212c74edf084_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2db4fe3a9592cce5a8f71d08cafe8bb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
Sleep
VirtualAlloc
VirtualFree
ExitProcess

user32

CharNextA

Sections

.text
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfwer
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE