badb22ac63810e828497a23496a52f73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

badb22ac63810e828497a23496a52f73_JaffaCakes118
Size

5KB
MD5

badb22ac63810e828497a23496a52f73
SHA1

720a205b223254c15da0071f8eacf107bae12876
SHA256

d16576b79c3a905be6ec7b7b0915f48656032b345aa687ded088944ec3847493
SHA512

6972fb4d73bdfb0d03d2863f6927f13fbca1c74ee1f5498940703f8c25b2ff39f61b7a9e2f0668f01ff9fe66bbc16d79dc0a96cb1d96f699d7131723462e6878
SSDEEP

48:ZvtTgWcs9IMyvtTXO48kr3AqrKJ+JLV9U1HuPyrd99gSTCtu7bCdoBM:Z1zzI71vr3De+n9MIyresCCbCqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
badb22ac63810e828497a23496a52f73_JaffaCakes118

Files

badb22ac63810e828497a23496a52f73_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7fc8a871ff1eb82604471bca09bacb5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetEnvironmentVariableA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
LoadLibraryA
LocalAlloc
WriteFile
lstrcatA
lstrcpyA

shell32

ShellExecuteA

Sections

.flat
Size: 512B - Virtual size: 345B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE