Static task: static1
Behavioral task: behavioral1
Sample: 70aa87d87ed05670fb3a80ad4991c766_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 70aa87d87ed05670fb3a80ad4991c766_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 70aa87d87ed05670fb3a80ad4991c766_JaffaCakes118
Size: 20KB
MD5: 70aa87d87ed05670fb3a80ad4991c766
SHA1: a5b9ed71c9c68c3b6794ed488a1ecf6289ea9aba
SHA256: 2edbb9b33b4cb014594c3649d23d9546d103016a4b3619079762d8f38e1e4628
SHA512: 7b0451e02941c6e29bea951431d70dbc11526049c0c1618c54fe0b1edc3abdfe9c9928e433e7615585ab49bcefcd9ef003b54da99f3bfa8a5fe9542390615d88
SSDEEP: 384:V5VKIJ8nOMRGm4hEEZxPocGiSblRv1y2OfH8+V4kwO2NLBkbUWIzSf:VWnOM4hocGFb9y2O7GvVNMSSf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70aa87d87ed05670fb3a80ad4991c766_JaffaCakes118
Files
70aa87d87ed05670fb3a80ad4991c766_JaffaCakes118.exe windows:4 windows x86 arch:x86
a6202e89566443033b9b2750018993c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalReAlloc
GetTempPathA
GlobalAlloc
SetFileTime
CloseHandle
WriteFile
CreateFileA
GlobalFree
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
CreateProcessA
lstrlenA
ExitProcess
DeleteFileA
Sleep
GetExitCodeProcess
ReadFile
SetFilePointer
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
user32
wsprintfA
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 690B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ