d3c440a4f2297b6e4c5f15a0b7d01d96_JaffaCakes118 | Triage

Sharing

General

Target

d3c440a4f2297b6e4c5f15a0b7d01d96_JaffaCakes118
Size

5.8MB
MD5

d3c440a4f2297b6e4c5f15a0b7d01d96
SHA1

fd48537f253075c5f2594d6af1a655b3f8aec4fc
SHA256

0bb91d6c01005c5bfc2e208344ee3b47af9e31ed99d39eabedbf8f94e3c681cf
SHA512

49817004370354702bb061b86d57d763ae5329af1307ddf001619ddd8968acd6c89df94dd66ed8736721499699c62510fa3c9cb4482907ac688c5f091645dc0b
SSDEEP

98304:ErQhptmk8uy26GAVcInJF/05ZzJRJwqA61gyDUs2/R12vUuaKaL5amjIBOG/i4YS:88tm/5HyIJJUJYqA6ipsL4LUmEYGxkMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c440a4f2297b6e4c5f15a0b7d01d96_JaffaCakes118

Files

d3c440a4f2297b6e4c5f15a0b7d01d96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55e0c80a67b6141798f1b63b011a3631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
lstrcatA
WriteFile
CloseHandle
CreateFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
ReadFile
SetFilePointer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ