Static task
static1
Behavioral task
behavioral1
Sample
ce727c3a654fa61e158612da6641be31_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target
ce727c3a654fa61e158612da6641be31_JaffaCakes118
Size
14KB
MD5
ce727c3a654fa61e158612da6641be31
SHA1
fb440353e308a5d1af52f4db3c8f7887291338c7
SHA256
55b5295c2ed6606ce5fee474e8bd1cfff37bb370ac1f0104bd6fcececcec3e79
SHA512
6cbdc7d3fcac46b577a80ab4aaf00bd3a35309394e5a21a22a4d77b82bea01fb4f8f0affdf68bef53c9bb8991b39018eeff38ed14122dd97b5cdd0c475851ec7
SSDEEP
384:aI0xK3JYm8q+G80La8uYFZzy4QWxQz+wZ:4xEum8U80iaRBzi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ce727c3a654fa61e158612da6641be31_JaffaCakes118
Files
ce727c3a654fa61e158612da6641be31_JaffaCakes118.exe windows:4 windows x86 arch:x86
dcb6d281a1c40b42576da7431e24d420
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
lstrlenA
CreateFileA
GetTickCount
GetTempPathA
GetModuleFileNameA
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
Sleep
GetCurrentThreadId
SetCurrentDirectoryA
GetSystemDirectoryA
user32
PeekMessageA
PostThreadMessageA
wsprintfA
Sections
.text Size: 768B - Virtual size: 759B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 784B - Virtual size: 772B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ