785048cbb705b263fd7d13c3d4862f41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

785048cbb705b263fd7d13c3d4862f41_JaffaCakes118
Size

24KB
MD5

785048cbb705b263fd7d13c3d4862f41
SHA1

6115dd4ffa8a6e2907696545eab3d3cbba74155f
SHA256

47c71bcbe7fe8baea76a2e3a64900d77c7ca84eec9cd3fee26adadc5c60a4904
SHA512

155da04324d701daaae3badc41edbaabcd69754b522e712252abfab06b5ace36ddcf36edd2dcff30c65d87f07e2c0e55eed459c3c9aab354ce43b8a5cabf8f54
SSDEEP

768:aINSdbrvZkdhjtvqFqnz/IM04c52dy4jySG:aiI3vZkBqEy2d1G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
785048cbb705b263fd7d13c3d4862f41_JaffaCakes118

Files

785048cbb705b263fd7d13c3d4862f41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f6a88d8ebf8653f490e882bd0e6a101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
Sleep
QueryPerformanceCounter
GetTickCount
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
lstrcmpiA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
GetCommandLineA

user32

wvsprintfA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE