4d1122d681d19c9dab70d57bb07cb726_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d1122d681d19c9dab70d57bb07cb726_JaffaCakes118
Size

286KB
MD5

4d1122d681d19c9dab70d57bb07cb726
SHA1

efcac269ed28138e1448eb9498089629d072ebd1
SHA256

3246ac749db8cd47a38d513339ea8e267ba12797708c6449d79dcdcc4e748ce3
SHA512

1a4ccaea9bc837389b40c9d7a036755a9a7f1d0129fea8b6bde17caa24f78ce205799e3399f88ec30699c264e5b02f50ec8718809160cba296b022e8b2c9ef8e
SSDEEP

6144:h84lyFME+/+FPA9TzSObHVNX1/b83t6FpvkknBvOxYuA:haFME+2FSdh8MvkkBv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1122d681d19c9dab70d57bb07cb726_JaffaCakes118

Files

4d1122d681d19c9dab70d57bb07cb726_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98369abdbf1057ab6fb55fb5789ecf40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrlenA
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcmpA
ExitProcess
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
GetLastError
SetFileAttributesA
lstrcatA
GetEnvironmentVariableA
Sleep

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE