b3e389102cf812d9a3c701d46542689f_JaffaCakes118 | Triage

Sharing

General

Target

b3e389102cf812d9a3c701d46542689f_JaffaCakes118
Size

4KB
MD5

b3e389102cf812d9a3c701d46542689f
SHA1

bfe6e077e79ce73759f89cae0ea6e29347ccdb9e
SHA256

2d1f3730608badc94124999f3f8bfaa7281f9b742f20c5e0ec6b58ca3b24876d
SHA512

523a0a26e9ce58bec15c44bda5e3d7ac6a15055caac05a9636f0d70d0a334c39cce0fc15627bde825e63f215b96f96dd0c0ccf0989ff0210045b49ea717c8b2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3e389102cf812d9a3c701d46542689f_JaffaCakes118

Files

b3e389102cf812d9a3c701d46542689f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

142d03807248f45614ce539a26b6e110

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CreateFileA
ExitProcess
FindFirstFileA
FindNextFileA
GetFileSize
GlobalAlloc
GlobalFree
ReadFile
SetFilePointer
WinExec
WriteFile
CloseHandle

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ