748943a6bf6f6d33c7cb922ac4a53299_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

748943a6bf6f6d33c7cb922ac4a53299_JaffaCakes118
Size

322KB
MD5

748943a6bf6f6d33c7cb922ac4a53299
SHA1

3bc3abdcd16a4073cecada743c3a9548284e62f7
SHA256

1b76d49410d8b996ab459b01ad61df85e466b48cbdc4dc72abd5e70c57c223ca
SHA512

3c91dfca88df56c5f5603c478632afadf796fe1e24d9772dc21eb77bb0b9563bb377467589af9fdb06ed495e741749f899a264f256b6348f79d3985f66db80b1
SSDEEP

6144:e4hJDvFeKBw8v92A7BBHdn1tlXQrlNP2U8IfT8yhX4sEhLuFqODbrwzT:h1Bv/3tlXd41VLJDbri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748943a6bf6f6d33c7cb922ac4a53299_JaffaCakes118

Files

748943a6bf6f6d33c7cb922ac4a53299_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ