7545d5cd46e96a16caa6215122b821e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7545d5cd46e96a16caa6215122b821e4_JaffaCakes118
Size

881KB
MD5

7545d5cd46e96a16caa6215122b821e4
SHA1

2c1d4ea201c8adf2db221e64a86a936ff1f838a5
SHA256

7680062b21e1bab0ea9551b2536fd57faed6ba5bb1f9d3b000f12717eaf00038
SHA512

c5a9d5f3b01104d1df645a4f8df0f027ea3ad04888834109642e589612974c4d1aa771de4c82dd8bf14dea5f820e18c4eee20a6567ca06f387d620b125ec8529
SSDEEP

24576:R1fOyHRWxlMEnPp3WeV7xId1TVssC100OhZ:R1G5bDVxIdDsN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7545d5cd46e96a16caa6215122b821e4_JaffaCakes118

Files

7545d5cd46e96a16caa6215122b821e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96d648fd09f58e6f7e61ec936939c8eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
lstrcatA
CloseHandle
CreateFileA
ExitProcess
FindResourceA
GetTempPathA
WriteFile
LockResource
SizeofResource

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ