4a1a55257fb5d1eea6fa54e1d3faec29_JaffaCakes118 | Triage

Sharing

General

Target

4a1a55257fb5d1eea6fa54e1d3faec29_JaffaCakes118
Size

31KB
MD5

4a1a55257fb5d1eea6fa54e1d3faec29
SHA1

50c52f6805f1f618bbbee08993a061479bacdd76
SHA256

e1c8f4e7ceccd993c2f0540f1a287ac9080db3aa7dd44b7855d512df3bee08a0
SHA512

db6cac8ce11a1cb1edc49934c2ec6bc4659d082d9621a8977f0c51d6566aa8bd00967014651d9854f2ea5c02ab525177540659049e587d4d67e1114ea7506f24
SSDEEP

768:794GOrutnCPLMVXY9f8YJzREVtD4Xmv/P:79Er4n1VI98/f4c/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a1a55257fb5d1eea6fa54e1d3faec29_JaffaCakes118

Files

4a1a55257fb5d1eea6fa54e1d3faec29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb4510ad76887d7cbff9f6d3d2c07ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
OpenMutexW
CreateMutexW
ExitProcess
CreateFileA
GetProcessHeap
GetFileSize
HeapAlloc
ReadFile
CloseHandle
lstrcpyA
lstrlenA
lstrcatA
CreateDirectoryA
HeapFree
GetSystemDirectoryA
WriteFile
GetFileTime
SetFileTime
CreateProcessA
DeleteFileA
GetSystemDirectoryW
CopyFileW
DeleteFileW

msvcrt

memset
strstr
memcpy
_strrev
wcscpy
wcscat

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE