b4373be59678741f06a5f9454ec84ab7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4373be59678741f06a5f9454ec84ab7_JaffaCakes118
Size

284KB
MD5

b4373be59678741f06a5f9454ec84ab7
SHA1

d26a4e1db21261b5a88d2b311141077632011b2b
SHA256

4bda3833bae6213bc386c6320e5f4852dd046212fe62a9243a756491132bc412
SHA512

ca4d851c91cab2c2da52314dcc16228e66e5b7822963d410996467aeb7457b547454a1ba0162ad96df363d39c1478ccb5dc67dd3b571bed1eb1d883398dd9840
SSDEEP

6144:ufk36q3W+ODlfCs0uzxBjkDaHzEPEBAW2AQsFkILcMpWMRE4jVGencF:ufdqoDJCs0uz3jemzEOAW2AQ1e3S4AeI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4373be59678741f06a5f9454ec84ab7_JaffaCakes118

Files

b4373be59678741f06a5f9454ec84ab7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ca8d5fca836efa8536566f0eee05c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
CreateThread
VirtualAlloc
VirtualFree
ExitThread
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
GetFileTime
CompareFileTime
GetModuleFileNameA
GetCommandLineA

Sections

BitArts
Size: 74KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 167KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE