5cb7a98e2cb7c66735aeaa676358d172_JaffaCakes118 | Triage

Sharing

General

Target

5cb7a98e2cb7c66735aeaa676358d172_JaffaCakes118
Size

244KB
MD5

5cb7a98e2cb7c66735aeaa676358d172
SHA1

f6f0e110cbb2e65574a1f56f5ce53d28dddbfb56
SHA256

514bd738bdc96fcf4fb43666643daab9110442c1848ebe9c154d7f56c3f881f0
SHA512

d656f7d88083ff4510bd0c1dd83999164f849e6b1686fd21ea0400927203c10c6df72e3c2a61efc40bd90901444fd2c98a8d3783e53c59188701aea9c5cf64e1
SSDEEP

6144:T0XRxqjvPDBdIPJZleIgAwduIbmDDQeboUt:T02nY7leIGJq9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb7a98e2cb7c66735aeaa676358d172_JaffaCakes118

Files

5cb7a98e2cb7c66735aeaa676358d172_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9af93ee069a493264ff30e511ca1fb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
VirtualAllocEx
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
CreateFileA
lstrcatA
CloseHandle

msvcrt

memcpy

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ