d02e519ed33ccfb1c63b23a731b1897d_JaffaCakes118 | Triage

Sharing

General

Target

d02e519ed33ccfb1c63b23a731b1897d_JaffaCakes118
Size

28KB
MD5

d02e519ed33ccfb1c63b23a731b1897d
SHA1

56c5f9f3f5dc34ff3985dff6a1843e5b16e05d33
SHA256

7e685c7d4c32f8f726588af8a598e5e861a004e00122c0f03dd630f8d4bb0737
SHA512

2b6d599ff54e2396c71769bf9400656efd5cc6fabe3034d000ff02ed1da6ac44c01703bb4550d974693c0c035318dd6e6e45b7aa75caad0a2a21494c7b3b42a6
SSDEEP

96:yPeqk2CJbfqgsJMK2sijlCOnNbuMmIPp6hlCoWyMOfpBd1LoFWtj7q2hsuew:wXCOJMxRAMqCuPBd1LoFWtjW2hP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d02e519ed33ccfb1c63b23a731b1897d_JaffaCakes118

Files

d02e519ed33ccfb1c63b23a731b1897d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bd582373771e5b82949cf18e258ca2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
FlushFileBuffers
ReadFile
LockResource
SizeofResource
LoadResource
lstrcatA
GetModuleHandleA
GetModuleFileNameA
CreateFileA
SetFilePointer
lstrlenA
WriteFile
CloseHandle
FindResourceA
ExitProcess

user32

wsprintfA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 735B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ