5b221b2163fe23843bb9b25334161dd5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b221b2163fe23843bb9b25334161dd5_JaffaCakes118
Size

25KB
MD5

5b221b2163fe23843bb9b25334161dd5
SHA1

a97a1fdb38dd9b5f0f74870c07a22cfa70109544
SHA256

c60b0e87c9e3f3f554205da706a4974f072203b9cd6d5e7a4f22b73fd0425a3c
SHA512

52db89cca43ac6498f6005d5fa51f1f0ffd029fc3230c89fb909fdaa7c46862073ef0e1eb64eed19ba564b880e66a2228ad0daa11df4508bfa75455fd4c4736a
SSDEEP

768:mcBVBr5DrOjpyEbMk1l7KVzyXfAugXn9/T:mcBVBrFcIml7KVWXouO9/T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b221b2163fe23843bb9b25334161dd5_JaffaCakes118

Files

5b221b2163fe23843bb9b25334161dd5_JaffaCakes118
.exe windows:6 windows x86 arch:x86

7e228778efafb48e7c9f42da50910054

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SleepEx
MapViewOfFile
GetModuleFileNameW
CreateFileW
FindClose
LoadLibraryA
ReadFileEx
GlobalMemoryStatus
WideCharToMultiByte
CreateFileMappingW
GetProcAddress
VirtualAlloc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ