a4b5262160d92a650c405966910df4bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4b5262160d92a650c405966910df4bc_JaffaCakes118
Size

572KB
MD5

a4b5262160d92a650c405966910df4bc
SHA1

8f718c56de537977af04991e4820279ed98a45a8
SHA256

ca9d68dde2a03f6a780073f98fdd38ca448b6794b8878932a702f496fe4aed1f
SHA512

39ae8c5e871eff4ec752861bdb38dd461ead55b6d7616d889009c84d7f44cb24a309d6c67d7af1470c1aac832fcbfe84fe67b831d5b3952e1c0ca16f841a869c
SSDEEP

12288:BVeJkAN0K5Uan5vh1KOP163wC3MDn51YSmH243:XykUF5v7zPXpHEW43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4b5262160d92a650c405966910df4bc_JaffaCakes118

Files

a4b5262160d92a650c405966910df4bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8d8b3e98352db7b58c9c89e6d22ca7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32 kernel32

ExitProcess ��

kernel32

ExitProcess

iphlpapi

GetAdaptersInfo

user32

EmptyClipboard

shell32

SHGetFolderPathA

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 526KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ