ce7fc27ce368b017df120b05e8139d0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce7fc27ce368b017df120b05e8139d0b_JaffaCakes118
Size

813KB
MD5

ce7fc27ce368b017df120b05e8139d0b
SHA1

a383ab8bf7fb5d6cceececb90f2626b94556efe9
SHA256

f07006a2367baa9802163c753b3e05e4c4bacc97f86af9ebce6106fa3b7ce892
SHA512

d80e3a0bcca3e773a1e9412c06ee8d45770627ba3780eedf282c1f67cba7ae05c16dd99deb7146f251c6d1b826a0426b884e7e1e80d61eb8583596f9bd2de4d0
SSDEEP

24576:DnmXSrdxd4m8t2hKaYbJm3JcNzb1UgNd7wAhF:jPBxdl7hIAZcN9UwNwAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce7fc27ce368b017df120b05e8139d0b_JaffaCakes118

Files

ce7fc27ce368b017df120b05e8139d0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d05135032f86cc84003861744e4f532

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
CreateFileW
VirtualAlloc
GetProcAddress
LoadLibraryW
GetModuleHandleA
GetCurrentProcess
CreateFileMappingW
GetLastError
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ