430258bb542c6b0eb4b73415bcd571ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

430258bb542c6b0eb4b73415bcd571ec_JaffaCakes118
Size

335KB
MD5

430258bb542c6b0eb4b73415bcd571ec
SHA1

72bcc4cdb5981984b7b6e13247c516f1aa190e45
SHA256

f72caa3e1499c985a798c29956f7205bcf243cc668591a183d6a22b2618a254f
SHA512

2a6598d7c60de2bbb2502c0542a0d5c2b5185eb2eba2fe175eb890c34893e5bd4bf1c55bd6824098591ed823caa949a38c82ceaa55c8a2117cb2199bef11acea
SSDEEP

6144:hM662nNYDmY0JG/mnEa/6AEpPokIVf1AmSHQQQ4VY9Vg+c25DKyI8F4NwQ:n62nNYyYN6R/6Az9AmSwQQ1GGGw4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
430258bb542c6b0eb4b73415bcd571ec_JaffaCakes118

Files

430258bb542c6b0eb4b73415bcd571ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b4cc2be0324264fac1338e1727600aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetTempPathA
GlobalAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ