8d6a01d87d9ef0da0994b72e003354c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d6a01d87d9ef0da0994b72e003354c8_JaffaCakes118
Size

143KB
MD5

8d6a01d87d9ef0da0994b72e003354c8
SHA1

86a8057a2ee2da5299cf5055fc0ae488882d56ed
SHA256

8de50868d4c899558e35a3c828b39276ef6768b2f959f405c3e2439304ec1471
SHA512

548d160e74188ad408e45586d4a4e059ed537f637c2e75679666320850d6c6214d581fc86bdc162fcd217775f227545469fa26fd954f92c8eb88238cdd31abbd
SSDEEP

3072:h0q4GI/nLkyP7VX5SQm4LHxONqNcDhwzc0:h0PGIjDTD5mWONqO70

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d6a01d87d9ef0da0994b72e003354c8_JaffaCakes118

Files

8d6a01d87d9ef0da0994b72e003354c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36e1820d27b3e70804a7e91b356b3115

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
SHGetSpecialFolderPathA

kernel32

CloseHandle
lstrcpyA
lstrcatA
WriteFile
SizeofResource
LockResource
LoadResource
GetModuleHandleA
GetModuleFileNameA
FindResourceA
ExitProcess
CreateFileA

Sections

.text
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE