6fa290db83a1fc759355aad8a22b3bb9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa290db83a1fc759355aad8a22b3bb9_JaffaCakes118
Size

236KB
MD5

6fa290db83a1fc759355aad8a22b3bb9
SHA1

ef05258e809da2e5623a7807b7d5ee2b65f822fe
SHA256

9caaeadc53d546e011d959633d05f988f5bea1c4a1d30dd2ec67e38ec9a5e044
SHA512

c9f6d8c8d655dab05c17ef7883cebe06191086598fd32c55d2d511c2d4678c027fa296f5bb799433e1539df36d729fba7139d89a102981228daffe96cde543de
SSDEEP

6144:AuK6CelYy8GlTUfKJ4mggzriFp0kFWZXY3g:AuK6CelYy8GlTUfKJAgzriFBFWtY3g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fa290db83a1fc759355aad8a22b3bb9_JaffaCakes118

Files

6fa290db83a1fc759355aad8a22b3bb9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

03ea7fc56e6811f80fc2dd1454ff7f4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileTime
GetModuleFileNameA
LoadLibraryA
SetFileTime
WinExec
WriteFile

user32

MessageBoxA
wsprintfA

Sections

.code
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ