4960e53c9116c32e69fb0ff8a4f5cf24_JaffaCakes118 | Triage

Sharing

General

Target

4960e53c9116c32e69fb0ff8a4f5cf24_JaffaCakes118
Size

9KB
MD5

4960e53c9116c32e69fb0ff8a4f5cf24
SHA1

dbec0e040a6a8c27a734267103b2d5390359649f
SHA256

9ed51fc185f132f3e83b488d84ac1ce648e4d6a7ff446c83e601145ed565ec52
SHA512

9059f9dbc8df3a4eaa19a1e4b320b14862ff72c389c6cfe1f9364968bb92417600db94dd25f232d646e1a2a1fd3c352a55aee6147c1831c913c3ffd37d83c113
SSDEEP

48:OEP5wMy93EuvM0s5l6Yf+LbMMtZzm0AVINsZudoBH+mjlELK:nPi93EuU0s5Vf+LbJto0AVYqll4K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4960e53c9116c32e69fb0ff8a4f5cf24_JaffaCakes118

Files

4960e53c9116c32e69fb0ff8a4f5cf24_JaffaCakes118
.exe .vbs windows:1 windows x86 arch:x86 polyglot

9d71359b35f01594d82a1bd2669433ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CreateFileA
ExitProcess
FindFirstFileA
FindNextFileA
GetCommandLineA
WriteFile
lstrcpyA
CloseHandle

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE