b82e0fc22c8fbac3688ec96368bf3933_JaffaCakes118 | Triage

Sharing

General

Target

b82e0fc22c8fbac3688ec96368bf3933_JaffaCakes118
Size

5KB
MD5

b82e0fc22c8fbac3688ec96368bf3933
SHA1

444b775f6ad5bfd73576538381ffe4f3c7c751ef
SHA256

4d3d3f1a057837b64ed1de52603e5a26be55fe6e5420e116a8cd1810e734cd7d
SHA512

d2ea25fcc5a5dcfa7877a68fc37c5429540b9666cfeb15a9df530c33261f47f4774dc17f2978b037b6b7f2f315d8d07e799855571ace4e5cdee501c51b6406f9
SSDEEP

96:Z1XYnp3peqgjpWg8IaFvoSgvH/8Yvdn47hcK:8np3peqgjpWGa9oSUEKshcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b82e0fc22c8fbac3688ec96368bf3933_JaffaCakes118

Files

b82e0fc22c8fbac3688ec96368bf3933_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ee78b2c855deae629473ebfbe5610f07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
ReadFile
Sleep
WinExec
WriteFile
lstrcatA
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE