48cd740019e1026c007328d4e4608b58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48cd740019e1026c007328d4e4608b58_JaffaCakes118
Size

3KB
MD5

48cd740019e1026c007328d4e4608b58
SHA1

cf9862647207928b7ca796f888e4af87da61b3ab
SHA256

8bda769c40848503fd5bddf43d681405ba06cf8e59fb359847977c5326671220
SHA512

7537562c57b58ad06a6dd17fafeb3cc9373b328988614993462251f8dcb702d372d1f0d021d0599a07d3256814afd5eb6c3bbf9cd01f3fa7dc69d6d3170bc162

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48cd740019e1026c007328d4e4608b58_JaffaCakes118

Files

48cd740019e1026c007328d4e4608b58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7ddde62f42c89fbabb7dbe6d4656cfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
ReadFile
SetFilePointer
CreateFileA
TerminateProcess
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
GetThreadContext
CreateProcessA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
HeapAlloc
GetProcessHeap

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE