894b9de14dea224fb2df2245627726fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

894b9de14dea224fb2df2245627726fd_JaffaCakes118
Size

217KB
MD5

894b9de14dea224fb2df2245627726fd
SHA1

8840815dbb908c62336a4900330c33696d47ff4e
SHA256

1c211de999d872219c4de934f963592d1b93513d2133232c10f63cfa022298f6
SHA512

c76092888b599ec601658d99192d124b7c4df5bc819a225f8c4a15c532f993703fccdc00dfdc637a13920c8d711c5ba0c1950b7681505e03d9e1266304b76315
SSDEEP

6144:hKuY7erxgkG2CAB3Enjb/NLY9PEYhn+9NBPpoeo:71Q2Ce0nPxYr+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
894b9de14dea224fb2df2245627726fd_JaffaCakes118

Files

894b9de14dea224fb2df2245627726fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b4cc2be0324264fac1338e1727600aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetTempPathA
GlobalAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ