6f84b80d78d4d919e6a78bcdbf7a41c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f84b80d78d4d919e6a78bcdbf7a41c8_JaffaCakes118
Size

24KB
MD5

6f84b80d78d4d919e6a78bcdbf7a41c8
SHA1

791505b34fdc8fa7acc417020ef1b367ff1cbe42
SHA256

2ba223d1fd3da680f2a3a1a078e6c4ce5f1ec1a1b24800a10ef4603b398bf462
SHA512

ac9a2fbd56eb8a6c3eadb1d68ab3eb07ffce3aa0eb82bc4872c94729050dbe1041274e25b5bda0792bdead0ac503b83199af4c9b76ea322f0ec8de0f77967533
SSDEEP

384:Tiusch8IWTvo4uLQKd1vQgbzwm0NyU7rPkFt0oNluKYtPhIf0irtDT9I062vnF4:tvQM9Hh0NF7b9BtS9lYEn+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f84b80d78d4d919e6a78bcdbf7a41c8_JaffaCakes118

Files

6f84b80d78d4d919e6a78bcdbf7a41c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

536d5c04fc58f11186361f7ed74f6cbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetStartupInfoA
CloseHandle
WriteFile
lstrcpyA
ReadFile
SetFilePointer
CreateFileA
Sleep
FindFirstFileA
GetModuleFileNameA
SetFileAttributesA
DeleteFileA
GetTempPathA
CreateThread

msvcrt

strlen
memcpy
memcmp
malloc
rename
sprintf
strchr
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ