86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118
Size

9.5MB
MD5

86dcdcaa508ac735a4716f7039219d2b
SHA1

85350fa750b177d4bf8f224209c374c3eba61278
SHA256

dbf1a0efde3e41eafbd78a6a9e03a31ce5b773204ec5785eccd706384e221e02
SHA512

6824b566c6bdf11d36e1349bf5ed466d4780a0d5c8641b20924271c422f6c0bd23ec6a6fdccbd207f4334f449bcee0bace1d18c5394fa4aa7d63f59a43de7672
SSDEEP

196608:VzeA74ml1BBKjU0+KRn/gTfV3eesKNyS3DnSi9oxOd9LrJJbFRlkJ+QgHSwPQ:VqAt7UUGn/gXsKFznJhjB9FkM/HSwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118

Files

86dcdcaa508ac735a4716f7039219d2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a604c6ea79d5ea984febff3382a81f77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
CreateFileMappingA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 597B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16.1MB - Virtual size: 16.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ