aebf4480534d615ebdccd5c1c2fbdd22_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aebf4480534d615ebdccd5c1c2fbdd22_JaffaCakes118
Size

384KB
MD5

aebf4480534d615ebdccd5c1c2fbdd22
SHA1

b7c550f18d21466e1c82f5062ea6a2492bdd7d05
SHA256

315927608f2ca0ac001fec22c3e5691b1b0a4f68a797176678fc6f6216f22748
SHA512

87a15c7dd7f9ae6854efe7dfb6fe9e49183c53543427ee94612b2e87f7daa9ffd82274ad442cbc6b0f26465dd2588c208ca2c51c5662a2f9debb3d587f65555a
SSDEEP

6144:CeV73as+XnM1od+9QC+1NOeHPcrnFIqiyXO57MQL2k/vd:Cu73as+q+CeUfc7MoP/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aebf4480534d615ebdccd5c1c2fbdd22_JaffaCakes118

Files

aebf4480534d615ebdccd5c1c2fbdd22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1e5d33070fcdbae8f49340ec34a761fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
WriteFile
CloseHandle
CreateFileW
GetFileAttributesW
GetTempPathW
ExitProcess
ReadFile
SetFilePointer
GetModuleFileNameW
GetTickCount
HeapAlloc
GetProcessHeap
HeapFree

Sections

.text
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE