b6c509dc838c82845b5c075ea39edc80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6c509dc838c82845b5c075ea39edc80_JaffaCakes118
Size

99KB
MD5

b6c509dc838c82845b5c075ea39edc80
SHA1

f8cc909ca1af01e42b60681bc66556794ec6372e
SHA256

d4e26095548d21d730efc62e833b1cbf425bc286bf5961e99f8bd02748a7bdb7
SHA512

a70641489343aae72babb0df500aec0e06b6554880951582d79b8961bef25e4cf048ae60040f88a7aecfc92f4cb67672fb2d4f1039edbf9827ed484986412de0
SSDEEP

1536:+KFjdWP1pvPUwLDWWRdHQEVszZCHw6Vtc8amoeFMWQK4O:dhWXjXwEVIDEtc8a2FMhf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6c509dc838c82845b5c075ea39edc80_JaffaCakes118

Files

b6c509dc838c82845b5c075ea39edc80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

1
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

blablaaa
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE