c8e7a2bb16f8d98f881419c1e5913de1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8e7a2bb16f8d98f881419c1e5913de1_JaffaCakes118
Size

98KB
MD5

c8e7a2bb16f8d98f881419c1e5913de1
SHA1

5ebb4e033d926900539f3a09d493a79b4e43ce7d
SHA256

7f3c7c79f7f1a12811bbb923f1dfff56aa4d8cac328a03fc36ed097f78c88b81
SHA512

a7924130bd3db53f47813f0f89165e1e5c393213e87f88908dadefb9fafd00dfb71709e9e83cf76e95c913c3da152e84e7b7f8a6da95d9229d31198ef308a018
SSDEEP

1536:kRrbJRdMBoCn9dYgZXlCDfApk5yVXyoK5U38aXEDG8L3r80SrCC:kddOoC9Puf3yVXyyM683jSr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e7a2bb16f8d98f881419c1e5913de1_JaffaCakes118

Files

c8e7a2bb16f8d98f881419c1e5913de1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5594b9fac15f2d0a57e6ebb015b5f8ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CopyFileA
SetFileAttributesA
lstrcatA
lstrcpyA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
ReadFile
HeapFree
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
SetStdHandle
HeapAlloc
VirtualAlloc
HeapReAlloc
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ