9697e0043d193be3bcdc83eb6b06228c_JaffaCakes118 | Triage

Sharing

General

Target

9697e0043d193be3bcdc83eb6b06228c_JaffaCakes118
Size

87KB
MD5

9697e0043d193be3bcdc83eb6b06228c
SHA1

d56a54b74afcbfe949db492d1e9343cf3ff51e2e
SHA256

df64dc02aa0b4f678f9cba6dd23faa4d0c549a103c3be0a904a4930db2fc70e7
SHA512

d59da1fccd2331ee69ddea80cf7df69590aa9e022ac71d73225dc4e6f9194fc3bb36b5475118d049bfaf005ad844b2efe671ae64403f1f5a45dc242bdd1b3afa
SSDEEP

1536:1/Bd7th44lvLicY3SgcQXYqA09XH3Oj33mxT:5Bx44lvLicJgcGYqA09XXOj33mxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9697e0043d193be3bcdc83eb6b06228c_JaffaCakes118

Files

9697e0043d193be3bcdc83eb6b06228c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4cb9ef4447d8512a8f95a9ad972b35fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ExitProcess
CloseHandle
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameA
GetModuleHandleA
HeapFree
GetProcessHeap
HeapAlloc
VirtualAlloc
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
GetProcAddress
LoadLibraryA

user32

RegisterClassA
GetKeyNameTextA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ