b1ccbf213a3f3abe9c4718360dd8c105_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1ccbf213a3f3abe9c4718360dd8c105_JaffaCakes118
Size

120KB
MD5

b1ccbf213a3f3abe9c4718360dd8c105
SHA1

6c48ccf7f6cdc6928c4b947b7741ab491ca73052
SHA256

1cdfa50639cbb5868dfb6a2ce18d5d899b12c112ab34f17f71de2b47b8e1efa3
SHA512

527dad73fe67ac8bf982f65eede4988ee84539d1791fcdab54ec6fc29fccfd951abbdc9db77c2d3ab501df55572f22deb55d2d5ae3e9fc4e670833e00e259fe5
SSDEEP

3072:3ZrcSvPOw97+T7O3z22KOvIoMk0S8k/1fNG1V7P1w:pzXOw9qT7O3zf/JOShYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1ccbf213a3f3abe9c4718360dd8c105_JaffaCakes118

Files

b1ccbf213a3f3abe9c4718360dd8c105_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59d903225268e30dcff6f517be13f9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateProcessW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
GetTempFileNameW
lstrcpyW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
GetTempPathW
GetFileSize
lstrcmpA
DeleteFileW
MoveFileW
CopyFileW
GetCommandLineW

shell32

CommandLineToArgvW

Sections

.data
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE