d18e8cc7902ce3732f5f49595486373f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d18e8cc7902ce3732f5f49595486373f_JaffaCakes118
Size

8KB
MD5

d18e8cc7902ce3732f5f49595486373f
SHA1

f49d2112ac31f61715d6177b45b77c19f3c221b6
SHA256

c39fad443f16b1b4274646e6a2a07ec0da7d2e13cc7aa813bc815bc4ba8b568a
SHA512

f96206d61f96b97dc03c998ad1dc1b3030a3382dbf46676553b0a7a04425ec14b9593236b4f46f8758ee97e69ec7cb4d44d94fa9b72c1b0aafb8a783151c7866
SSDEEP

12:OEh/G70yUQ7f1cjQg3fjV7g9QAp0QEpORC8NBHl4zHxlvykS:OEhu70Rj1flg9REpORvNBH+TxV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d18e8cc7902ce3732f5f49595486373f_JaffaCakes118

Files

d18e8cc7902ce3732f5f49595486373f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ac105921143535fe8eb447609af9644f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateProcessA
EXITPROCESS
FindFirstFileA
FindNextFileA
GetCommandLineA
GetWindowsDirectoryA
SetCurrentDirectoryA
lstrcpyA
CopyFileA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ