bea9824204b813ea83a583bb6c239ad8_JaffaCakes118 | Triage

Sharing

General

Target

bea9824204b813ea83a583bb6c239ad8_JaffaCakes118
Size

93KB
MD5

bea9824204b813ea83a583bb6c239ad8
SHA1

2bb14264afb1d7351ca178e79a0381b98359f7c6
SHA256

bfb88d6016d2a53e9b7e72c5a694f4be50100ffa836783e205fc3eea8ebf8677
SHA512

1d0774c86c1b02e85090ff8df026251258784c16181dbc8669b506b38cc1cdd8e037fe03bdb9b875ac590463b0700e4e5f74953b00c1bd3393ac90493b4a4155
SSDEEP

1536:2TaJH+n+OGDAsZLEt396MJvJe2IoXowXNnORmYaR322F163F7BVypJoqtVE+4RBf:len+OmDZLEt7Jv02BTRbL6lBVybtKTJd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bea9824204b813ea83a583bb6c239ad8_JaffaCakes118

Files

bea9824204b813ea83a583bb6c239ad8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9eeefa7f6cdca34a42a6c3913e8fb403

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineW
GetTempFileNameW
FreeResource
FindResourceW
LoadResource
CreateProcessW
WaitForSingleObject
GetModuleHandleW
GetTickCount
WriteFile
SizeofResource
GetFileAttributesW
GetModuleFileNameW
CreateFileW
lstrlenW
GetTempPathW
LockResource
lstrcatW
CloseHandle

shell32

SHFileOperationW

shlwapi

StrChrW
StrRChrW

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
memmove
memset

Sections

pe
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ