b1859491992864b1dd59392bb93a849e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1859491992864b1dd59392bb93a849e_JaffaCakes118
Size

11KB
MD5

b1859491992864b1dd59392bb93a849e
SHA1

34cd0b752926e4dbd1c62171bb7b507d4271b197
SHA256

8baa6c8425f2eba03ca963fd16efca48c8393559a252dd29d150fa0c0d8c6809
SHA512

c61893e9bd75957964ca317eb913cdd467f05ce3eaf15f12b08e76818894ff13d8913da466867e92c1d703c064f1869e7ce12be2fa3302d1d671e4c5da864f22
SSDEEP

192:Q040QwQR+ktBcORYv8zJPmMEbq9z7leqSdreXtYenxqWEdqO19vkRkA6hA7+4xTb:Q04xRJ1HzJPmMEb8leNAtH4WJO19vG60

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1859491992864b1dd59392bb93a849e_JaffaCakes118

Files

b1859491992864b1dd59392bb93a849e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9184367f8d1f9986888f0eed2e6f8bf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleFileNameA
GetModuleFileNameW
GetProcAddress
LoadLibraryA
GetModuleHandleA
ReadFile
WriteFile
CloseHandle
CreateThread
CreatePipe
ExitProcess
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE