454f52cf3b6b931436912683db6a6c4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

454f52cf3b6b931436912683db6a6c4e_JaffaCakes118
Size

376KB
MD5

454f52cf3b6b931436912683db6a6c4e
SHA1

447177799592a0d5e89f7e1ea2ffdbb0c6239e5a
SHA256

a8f3aac77c43b95a7fbe78c0a37362548f4d5dc70141f907f5e273a4e22f6aa9
SHA512

cf34f76e219d8574e86828c52a3d7da0f583c9b09346336bc7407c370d9f19a151b3883ab464db5d91776407e660152942deaf20a276d0e18a465cf87e4d8ba2
SSDEEP

6144:e4hJDvFeKBw8v92A7BBHdn1tlXQrlNP2U8IfT8yhX4sEhLuFqODbrwzYYg59OP7m:h1Bv/3tlXd41VLJDbrOU06

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
454f52cf3b6b931436912683db6a6c4e_JaffaCakes118

Files

454f52cf3b6b931436912683db6a6c4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ