8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118 | Triage

Sharing

General

Target

8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118
Size

173KB
MD5

8a4dd139172c7d97e6bf998ffa3dc1a5
SHA1

3ce51a9bcbdc9280610306e3a492534fcfd09680
SHA256

dada59d3b17d9e6401dad2215c7a3721f128103fc1fc0e2b9df853acb674847d
SHA512

a0a0b5142bce68d564dcd58b6dac758398b8c20d1caeec4963ee7f5fa0297580d326e1f0952a083d22a1dcf80bcdde24a1f2d20b618818e32baf4e2ca5457bc3
SSDEEP

3072:FwJnoIh3UbIma2QSO89DOTCXk+YtNWct+TM:FgoIh3WVMTCQtNL+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118

Files

8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96ce1cf7f77b112b253f3217da1c5edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

StrStrA
StrChrIA
ShellExecuteA
SHGetSpecialFolderPathA

kernel32

CopyFileA
lstrcpyA
lstrcatA
WriteFile
Sleep
SizeofResource
LockResource
LoadResource
GetModuleHandleA
FindResourceA
ExitProcess
CreateFileA
CloseHandle

Sections

.text
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE