5fe59b88e60f000c7e437518cc6a6cfe_JaffaCakes118 | Triage

Sharing

General

Target

5fe59b88e60f000c7e437518cc6a6cfe_JaffaCakes118
Size

21KB
MD5

5fe59b88e60f000c7e437518cc6a6cfe
SHA1

c684a81d118011278ea3cef437cfa065008ac322
SHA256

d4549c7ce37177fe29e84db54b366b8a22236475fd234bea6d9ff6de97b7612f
SHA512

4922e25c6ede2cbab3f753ee9c8ebf42cf9b8b5c796a6b61eeb0bca53e142da456f8d51b8adb67621ecfc41d9eea0b8d3dd2377245119282afe1fa9d468bd817
SSDEEP

384:wEY5rn2qk1GyKDRfyaK8K4DLUbjcK5m++eg:wEWvRDRyJ4DL0jj5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe59b88e60f000c7e437518cc6a6cfe_JaffaCakes118

Files

5fe59b88e60f000c7e437518cc6a6cfe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99bc640124abcf2210a65c5da30859d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeConsole
GetCommandLineA
DeleteFileA
ExitProcess
GetModuleFileNameA
lstrcpyA
lstrcatA
GetModuleHandleA
lstrlenA
CreateFileA
WriteFile
CloseHandle
Sleep
GetStartupInfoA
RtlUnwind
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
GetSystemTimeAsFileTime
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
VirtualAlloc
VirtualQuery

ole32

StgCreateStorageEx

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ