c1aae51dd10062697b4ee31f5da46a41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1aae51dd10062697b4ee31f5da46a41_JaffaCakes118
Size

246KB
MD5

c1aae51dd10062697b4ee31f5da46a41
SHA1

b3f04f5257af4c5e6b4508c270079c20d56cd567
SHA256

ec5532cfcf618362ddea525c5570b3c0c8a6bde078247eb0b56e3b4509ff7938
SHA512

618149f4bc427ff91ce2106195ba82fd3153080ecf153378bde45996ba692d7c84f647d0235f9469a9b0b8deb7b6d5b2b72222ccbfa33c308bc84980279b38a4
SSDEEP

6144:H5l//uTmQGHgRUZEBbFvN3Sfh0LET47IjbUpMI51G+bBu:ZlH254Z6bFvNh5GIpbLG+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1aae51dd10062697b4ee31f5da46a41_JaffaCakes118

Files

c1aae51dd10062697b4ee31f5da46a41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a579bea253a754657b4f405561d1001b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
GetProcessHeap
CreateDirectoryA
DeleteFileA
GetFileSize
OpenEventA
DeviceIoControl
SetFilePointer
FreeLibrary

user32

SendMessageA

Sections

kMAJyFtc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SRqKZeem
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gwHPHbmx
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE