74636e48a1a7f7a30e599eb83787fba5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74636e48a1a7f7a30e599eb83787fba5_JaffaCakes118
Size

22KB
MD5

74636e48a1a7f7a30e599eb83787fba5
SHA1

64f210b8782f554ad4d437227fcf8e021d38f2c4
SHA256

7cabd5e77d01dc1d98d2ecc07fcb1600f0a7bd546f43a61cf09964061e839d93
SHA512

d7cfbab4693a69d364329e3c04c5fcfbbca3202a4249b0e3ad547f7b53d06ac91f377fe31c6b1b40b1b71a7515c46405b542747df90e51acee3eab1c8c33ce87
SSDEEP

384:WjHBrRWHpNN/WzuoTr/xvIji//NwLgXp9yqdlIDoz3vdTp:U7WHRURZvIji//0srdlIDoz3vd1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74636e48a1a7f7a30e599eb83787fba5_JaffaCakes118

Files

74636e48a1a7f7a30e599eb83787fba5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b2f342c872e64a76a8de01fda742fc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WinExec
GetModuleFileNameA
GetEnvironmentVariableA
CloseHandle
GetTickCount
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
SetFileAttributesA
ReadFile
SetFilePointer
HeapAlloc
GetProcessHeap

user32

wvsprintfA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE