6755770ced0f41a960bbcfe699ea40b0_JaffaCakes118 | Triage

Sharing

General

Target

6755770ced0f41a960bbcfe699ea40b0_JaffaCakes118
Size

4.4MB
MD5

6755770ced0f41a960bbcfe699ea40b0
SHA1

60600656ed1811c2ddf47765f55ff2d42dd546cd
SHA256

578f8da85bacb31c387bcaa2a3c38d803fda947b6f18e1176019d13dbdca2dec
SHA512

c45e48efae1e423c86354d30177078673f3f3d6281ae75caf20bab5cf49fa2f8b5ca13934006491512ba33504185201d4aacf4110099df06881bf96db80c8e86
SSDEEP

98304:HkysAceYg/kDh8kIOkOEdaqlNFmGBBsgHm3NolDjXOwEsC:EysAc6s1IObEdDhYn3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6755770ced0f41a960bbcfe699ea40b0_JaffaCakes118

Files

6755770ced0f41a960bbcfe699ea40b0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59d903225268e30dcff6f517be13f9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateProcessW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
GetTempFileNameW
lstrcpyW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
GetTempPathW
GetFileSize
lstrcmpA
DeleteFileW
MoveFileW
CopyFileW
GetCommandLineW

shell32

CommandLineToArgvW

Sections

.data
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE