b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118
Size

3KB
MD5

b6081cdd4b62d6c4e78c8e5b97edaafe
SHA1

8915ff291f618e17292f396097fe2fe532c549c8
SHA256

48d3a82f5cacac6c6045c97424aea13a9127a59245b0fb201f96149f8259f78d
SHA512

09fb23569b66a96e8852f535a54b4c2c22512600e641278b5a740886fc1aa905f0e8c6ddc8b7e4a2a7e7ebda5f3951166de71914c9d4f4de407f799bd6162d40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118

Files

b6081cdd4b62d6c4e78c8e5b97edaafe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2c73f97fd9d524344b9c7c8f179972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateProcessA
ExitProcess
GetFileSize
GetProcAddress
GetSystemDefaultLCID
GetTempFileNameA
GetTempPathA
LoadLibraryA
OpenEventA
ReadFile
RtlFillMemory
VirtualAlloc
VirtualFree
lstrcatA

Sections

.text
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE