7635248241a3e1eb321431294ba11cd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7635248241a3e1eb321431294ba11cd8_JaffaCakes118
Size

79KB
MD5

7635248241a3e1eb321431294ba11cd8
SHA1

878af8e4c4207c66fdc8f101d423d986895f3485
SHA256

6660abd0c46758092843092a9113c5de10fa0f5178db7c341dd1a84001393a0f
SHA512

c64a455edfc7908912b5cbb775cf3ed289667d0bce299f737a502e558b82a7ab05a2ac334322c27c4ceac7d442d88a90ba997ab4b6e4e27e858fd69b1e3f0edb
SSDEEP

1536:Cs77TwLJcdF6cRJ+jLk5YmbJPYAcrwiyeM1nYZtWpq83Y42b/8TH959aiepTDloI:Cs77TwLJcdF6cRJ+jLk5YMPU9MGZUp9K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7635248241a3e1eb321431294ba11cd8_JaffaCakes118

Files

7635248241a3e1eb321431294ba11cd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeed6e6db846388512e5f0274b159b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
QueryPerformanceCounter
Sleep
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
IsBadReadPtr
lstrcmpiA
FreeLibrary
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE