bb38f9f400427b90733a0f111119231d_JaffaCakes118 | Triage

Sharing

General

Target

bb38f9f400427b90733a0f111119231d_JaffaCakes118
Size

387KB
MD5

bb38f9f400427b90733a0f111119231d
SHA1

bd5092fb8d12fa13c8e99bca6f7f35db4458f90a
SHA256

9baa744ef5ccae1ddce1b6c47fc72bedf20bdd3f6f7c4996f4da521c6aa79308
SHA512

ac2c2a3df654c4d97d56781e215763309a1cb2987d31f32bf6e62e59c9fe1bda61eaeeefcf7a2c538c03851513f77d0867bb57457d93de8f47b322ec038a9c5b
SSDEEP

6144:NFXqvgCRPHwEvQDb+ymE0PzpUieVVgBVQoHOfPZKOWavAuMNfY+gW96fhBQ5pRCA:NcLQ+ugPFUiw+BVQuO3ZZ+5V6ZKh3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb38f9f400427b90733a0f111119231d_JaffaCakes118

Files

bb38f9f400427b90733a0f111119231d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

toestoes
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

toestoes
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE