a9e1a518a4095235f709593212f7cd74_JaffaCakes118 | Triage

Sharing

General

Target

a9e1a518a4095235f709593212f7cd74_JaffaCakes118
Size

32KB
MD5

a9e1a518a4095235f709593212f7cd74
SHA1

9bb9b13b652a23fb4bb07313ecb53abc303c78b2
SHA256

815f7358c7cfd72f115231befa66e8e5bc72f42b32611705a36e2375d1c6c9a0
SHA512

b4fb213c99a0ae7be9d9269a6e5eb3684bb8ada1ba0dba03498f505825b29d21be0f861dd3f1911223f08c71a3406759903aceb81eb8236bff54b5879de4aec8
SSDEEP

384:FCiq9EtQHJPQBaVQQqtY+fNQQ/mb56zSn32q5fqjf6FxCtwi:FICiHbejfNzM5UU324fqbqoR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9e1a518a4095235f709593212f7cd74_JaffaCakes118

Files

a9e1a518a4095235f709593212f7cd74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30916422d45cffabf9258dba0b61d25e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ExitProcess
CreateProcessA
WaitForMultipleObjects
OpenProcess
CreateEventA

Sections

.text
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ