6fd586eca20627f6d953cf36959d1d51_JaffaCakes118 | Triage

Sharing

General

Target

6fd586eca20627f6d953cf36959d1d51_JaffaCakes118
Size

46KB
MD5

6fd586eca20627f6d953cf36959d1d51
SHA1

67dc142489ee2e7207d14b13a11001b61937befa
SHA256

789194cebaf9809a042d9b0705f7f2586daa1a20b7ea2e05aa68b9cc65c23502
SHA512

ea1b57f733e750aec713d5a79cdfebb932d816e842cf626882345c2a2825c773f346150904c069ea38f9358d6399f3ee48651836652893fee667845fcb1c5b06
SSDEEP

768:DKeOCdXZp+YIVQ+TqXpW/IddQ4x+t6WgMQSHqj5RF1eEz+AJ+mvRL:DzOu+YIVOWwvQQ+t6CQj5FkA9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fd586eca20627f6d953cf36959d1d51_JaffaCakes118

Files

6fd586eca20627f6d953cf36959d1d51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3c0ea700aba4670fc75210a324bd2ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GlobalFree
DeleteFileA
GetTempPathA
GlobalSize
GetModuleHandleA
LoadResource
LockResource
SizeofResource
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
CreateFileA
GlobalAlloc
GetTickCount
FindResourceA

msvcrt

srand
rand

Sections

.text
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ