71bc6ff55eac12ec0756acadea1c8688_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71bc6ff55eac12ec0756acadea1c8688_JaffaCakes118
Size

181KB
MD5

71bc6ff55eac12ec0756acadea1c8688
SHA1

ca35868ce1fa77ae39951a6febe80f4831e92c14
SHA256

690badcc67bc0b43a01278a4fc47ea6e7ea5f9d4f904686ef9b963f3d66fdcc0
SHA512

6dffdbe317261bdc484186d699c6ac4bbf190ea80bf7e87e5a6c7bb80dc366a452bae474b41faa29e090f3badc8de607c0fc563a19f6b09d54d08115135478bd
SSDEEP

3072:qIapGVgit5TkuE9Rv2feKuxe/QEc14O5qNcDINTBh6:qDpW/kuEL4eK34EBO5q+cf6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71bc6ff55eac12ec0756acadea1c8688_JaffaCakes118

Files

71bc6ff55eac12ec0756acadea1c8688_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f469e28d762c4b75f504f50b355e952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
SHGetSpecialFolderPathA

kernel32

ExitProcess
lstrcpyA
lstrcatA
WriteFile
SizeofResource
RtlZeroMemory
LockResource
LoadResource
GetTickCount
GetTempPathA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
CreateFileA
FindResourceA
GetCurrentDirectoryA

Sections

.text
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE