48a6714953a6f4dee04881b583fd4ed0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48a6714953a6f4dee04881b583fd4ed0_JaffaCakes118
Size

5KB
MD5

48a6714953a6f4dee04881b583fd4ed0
SHA1

72eb98b6c73c1267451b871a8d08f8768cc42c7f
SHA256

4c38e7736c3feead9ce9133feb6b036d0e2125b01c464ec554e51ea4649d1750
SHA512

1079d80cdd78adfc9b1eda06ccb23c74eaae8e003abaa69e3ec1d8d401e2375d4d2851fe17524ab339fbaa48125a26fbd467abdf6e9b9806ff5629725f871394
SSDEEP

48:ZvtzwJlwUcQ//o9T1+HD1IzIZN1qa4mFm55K4zG8UHHAH7dhNAMoBAX:Z1iuGno9wHK8n1j4mFm5DAn47hcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48a6714953a6f4dee04881b583fd4ed0_JaffaCakes118

Files

48a6714953a6f4dee04881b583fd4ed0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ee78b2c855deae629473ebfbe5610f07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
ReadFile
Sleep
WinExec
WriteFile
lstrcatA
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE