b74e33935d36cbef1e04ca9f3a005237_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b74e33935d36cbef1e04ca9f3a005237_JaffaCakes118
Size

404KB
MD5

b74e33935d36cbef1e04ca9f3a005237
SHA1

545165ea7430d398a462a7568d166008311df79f
SHA256

a6bad85fd6609fbf285df3e1df067b57676c049cf7f597ca83da380163a99f53
SHA512

2d5595021c308af4103c4f12a77ca4231c06265bb56c0d38118db2459cedf96c5d0ab2839e419d1d73eaa5e100ac391f32abd8cc2ddf8a80f15d170017fa0c2e
SSDEEP

6144:sRkOJE/laVc/KPgbETcR+ftjqvzamjCZ7tCao6R+pqT:WkOJE/liciYbIHtjqvWDPCah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b74e33935d36cbef1e04ca9f3a005237_JaffaCakes118

Files

b74e33935d36cbef1e04ca9f3a005237_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c706c6f67b7d173b6ab503ee04d3cd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetLastError
CloseHandle
GetModuleHandleA
GetFileSize
CreateFileA
Sleep
GetProcAddress
VirtualFree
VirtualAlloc

netapi32

NetDfsRemoveFtRoot

avifil32

AVISaveOptions
AVISaveOptionsFree

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ