4c1436dad18cc88793b24554ca6f4df5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c1436dad18cc88793b24554ca6f4df5_JaffaCakes118
Size

119KB
MD5

4c1436dad18cc88793b24554ca6f4df5
SHA1

a3622a6e037be53935f9f94083a240f24d721cfb
SHA256

6252cc422e242146b08781a379dd3c03dd98b9dbb3f5e0e42358e921d7fc5a0a
SHA512

2966a9e98b19438e2a3bca51f9a85d7c5862a9e2255a8e05bd22e82a7715f1cb786d46ba4eaa3060f2386230ee1b5da65a7a758c5addfbea189458858b2ddb18
SSDEEP

3072:DwvCSt6M3y2EPqceglM0jIFQKQ7rm/0eP44q:ot2PGkjFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1436dad18cc88793b24554ca6f4df5_JaffaCakes118

Files

4c1436dad18cc88793b24554ca6f4df5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ca8d5fca836efa8536566f0eee05c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
CreateThread
VirtualAlloc
VirtualFree
ExitThread
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
GetFileTime
CompareFileTime
GetModuleFileNameA
GetCommandLineA

Sections

BitArts
Size: 59KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE