84305e6aa2967a8bf09c90cb7c7385ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84305e6aa2967a8bf09c90cb7c7385ce_JaffaCakes118
Size

38KB
MD5

84305e6aa2967a8bf09c90cb7c7385ce
SHA1

219a2a2b8174508f6a28911210916d3fb7d76db4
SHA256

37d908859b957cc68cf3b64c3445081b35fe4b4621f201c4faa6317305f8a432
SHA512

9b678eb2e39517a0e57a3fe83c8250456e6ef1edcd99a3766299410b69379150cbaf75b5461114e1fe26354a3b102aedeaae4a13db95057c359aa91a272972e3
SSDEEP

768:XTbhv98rrodboWW1wyi4uBFojoz1TFxNxUxv+fHy7PKvcPRxKxfcHcFNTIOFeqtq:DbhV8rekWW1wyi4uBFojozlFxNu2K7SW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84305e6aa2967a8bf09c90cb7c7385ce_JaffaCakes118

Files

84305e6aa2967a8bf09c90cb7c7385ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00d7269d7a78c9a1c16b4ff2181ad36e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
QueryPerformanceCounter
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
Sleep
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
IsBadReadPtr
lstrcmpiA
FreeLibrary
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE