a0fa76987c7a067832809694559da03a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0fa76987c7a067832809694559da03a_JaffaCakes118
Size

6KB
MD5

a0fa76987c7a067832809694559da03a
SHA1

553f9da5402b4ca81d24e88f151729fc17b7945e
SHA256

ae46a1db68d3a2cf049a3a3c4f290abde9c4c4e5867f8f11814fb7494f25c1cc
SHA512

78eba6a4f86cabacf700dcf19f58a6fe58c9f79c27521a22a09222ddfa49057e672d9506e96ac0bcb90a4cca9044c4fe01c289f4fa4c9cfb5e797c4268f411c6
SSDEEP

96:OcttvHpxHXx6dtwoCzjaQljMMeDDd8Lx02Ne27ZAqpsQjkM:OcjfpxHh6szWQ5MB3dqi21ASjk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0fa76987c7a067832809694559da03a_JaffaCakes118

Files

a0fa76987c7a067832809694559da03a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5eb35255fb32ce046ceaa347170c85e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
FindClose
FindFirstFileA
FindNextFileA
GetDriveTypeA
GetLogicalDriveStringsA
GetPrivateProfileStringA
GetProcAddress
GetSystemDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetFileAttributesA
SetFilePointer
UnmapViewOfFile
WriteFile
lstrcatA
lstrcpyA
lstrlenA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 658B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vsp
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE