73cefa4b4e0077c1c5310c5f3b2f305d_JaffaCakes118 | Triage

Sharing

General

Target

73cefa4b4e0077c1c5310c5f3b2f305d_JaffaCakes118
Size

101KB
MD5

73cefa4b4e0077c1c5310c5f3b2f305d
SHA1

8c62915a8a3be52533662b7c725a58bb17888213
SHA256

f6cf8100dd3735bf46923b1768620e52fc7e93909389b814f5ec126b05b07579
SHA512

291661343b219d7d9a18c264b121b97dbff0e8210856348055d51b6796b9fbcf439cb6c4db1c40e05d6a2314dd1571fada9d1441100ca6f2216a2f738a3b0158
SSDEEP

1536:ytTPh7cf/ElAbr7PPAYKWo+RC8kImDMXorZv4P8eRKXHrqvyQOIR:uTPhtAbr7PPALWrvvXeusXLhh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73cefa4b4e0077c1c5310c5f3b2f305d_JaffaCakes118

Files

73cefa4b4e0077c1c5310c5f3b2f305d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27f80ef0ebbb0a36a442d22fb158694b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
ReadFile
WriteFile
CloseHandle
CreateFileA
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
lstrcatA
lstrcpyA
LocalFree
LocalAlloc
DeleteFileA
lstrlenA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
IsBadReadPtr
SetFileTime
GetFileTime
GetCurrentThreadId
GetCurrentProcessId
ExitProcess

user32

wsprintfA

msvcrt

memset
memcpy

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ