d07d658fa916ca633082da3a2a7c8bc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d07d658fa916ca633082da3a2a7c8bc3_JaffaCakes118
Size

16KB
MD5

d07d658fa916ca633082da3a2a7c8bc3
SHA1

9f6e3a45dc6c9b94a286a9e51811f9e4a4696488
SHA256

6da129179d72aebe59bebfe86978ee70b069ebbab2e025c207c5e4b10dcaf3a2
SHA512

c1227a6c8aaee4e152e5be03966399d55cdbef87d600b4a946b4171af196fee8b9630c51f870364e77bf2646c2340f878a158119e41223896627aa4ced96e8e2
SSDEEP

48:iSfbFZgfgkf1cke7WYqtUKHaXgnnPWKj1raGr+11WLLlu1e+ZAI8IU6bIZ92tAuT:x8sWBUKHenM41sLluCr6sZ8AA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d07d658fa916ca633082da3a2a7c8bc3_JaffaCakes118

Files

d07d658fa916ca633082da3a2a7c8bc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b9911d7d28fbce1c8650031c7560328

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
GetTempFileNameW
GetTempPathW
CreateFileW
Sleep
CloseHandle
Process32NextW
SetFilePointer
Process32FirstW
CreateToolhelp32Snapshot
GetTickCount
ExitProcess
GetVersionExW
CopyFileW

user32

LoadCursorW
RegisterClassW
wsprintfW
LoadIconW

gdi32

GetStockObject

ole32

CoInitializeEx
CoCreateInstance

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 702B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE