a4fdedfcf18ee1edb66b3af61f590a55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4fdedfcf18ee1edb66b3af61f590a55_JaffaCakes118
Size

64KB
MD5

a4fdedfcf18ee1edb66b3af61f590a55
SHA1

0ef061d9e816cfdfac2e385522dfb7845ea754ed
SHA256

44a56eeba9c334abd723537352183714df01ddcc089c58e1d7ac2476b88c60ef
SHA512

6695fea123f33f27de8c1f4ed0d16b1c731c9bde04688f419b4835c1fe4515f05db42088df9c73ba7e216fe059394508f74e9098cb68c5c10bea775b802a6d65
SSDEEP

1536:UhHBBT8ltIT52lRXxL6Qod5fP7ufKgYUnun1LRB:yB43fLtod5E1YB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4fdedfcf18ee1edb66b3af61f590a55_JaffaCakes118

Files

a4fdedfcf18ee1edb66b3af61f590a55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a13ee2bd542e30b8d805240c3433d2bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32.dll.

CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetTempPathA
GlobalAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA

shell32.dll.

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ