9421edd847dc3354b94c6dd8edc51b5b_JaffaCakes118 | Triage

Sharing

General

Target

9421edd847dc3354b94c6dd8edc51b5b_JaffaCakes118
Size

80KB
MD5

9421edd847dc3354b94c6dd8edc51b5b
SHA1

2f009cffa2fbff9c9d502a90443de2f0726be563
SHA256

b72e634b78fb9ed1083a4ccec02b43021de55f2cb2b462b6d88a1d335e2b57d3
SHA512

a16c1bd0a3f1a881bc0fe3d24803136ff0e812356010c07c3ebfe15028869c6fadadbe810db71b8aa13fc3b393f924bd0da4decf940d7910b417b250f6c91392
SSDEEP

1536:/pfq/GP7pSGvKbxOgVPVFdLzx5mWm4sn4y0go1OChmDlw:FZpSAKFOgVPdHfmOs4y05IC8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9421edd847dc3354b94c6dd8edc51b5b_JaffaCakes118

Files

9421edd847dc3354b94c6dd8edc51b5b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f0334ef567a519374bfaf2615c0d785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
MapViewOfFile
UnmapViewOfFile
VirtualFree
WriteFile
CreateProcessA
GetProcAddress
VirtualAlloc
GetTempFileNameA
LoadLibraryA
CreateFileMappingA
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CloseHandle
GetTempPathA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE