c12ff53b9f33951bfcc7a401275b3303_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c12ff53b9f33951bfcc7a401275b3303_JaffaCakes118
Size

120KB
MD5

c12ff53b9f33951bfcc7a401275b3303
SHA1

510d48ab85143b233babccc55b212b104ffb5071
SHA256

ea37aff48f3fea575cfb16105950209e8be01fb5e0f4307a9d1b37f4d7737442
SHA512

2dc968cf80d0967bb6791ae2d4865ad24ac947005d24275dbcb73f5034aaf685cecbbe5e2d7ac3517cc115c65489ec24fa26524e95d9c55bd4bb7ea79083bbc6
SSDEEP

3072:20n6Z8HYeYRV/qL8rTSRbIWhfQwVo7A5BjMKPScpjHDAW:2VAiHSHBZ2kHMKbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c12ff53b9f33951bfcc7a401275b3303_JaffaCakes118

Files

c12ff53b9f33951bfcc7a401275b3303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06f89eb17a5f91177f3b7a49e12edce8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GlobalAlloc
ReadFile
RtlMoveMemory
VirtualAlloc
VirtualLock

Sections

.text
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.help
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE