d6c77451a4bd6804e9cbda2c0ecd3891_JaffaCakes118 | Triage

Sharing

General

Target

d6c77451a4bd6804e9cbda2c0ecd3891_JaffaCakes118
Size

64KB
MD5

d6c77451a4bd6804e9cbda2c0ecd3891
SHA1

f19544809bf61afdbb786b1f331e9ae6daa51e05
SHA256

f67447faf57372757ac22dddf469fd8ba72e2dd75b0057b3cfcdd9859091e017
SHA512

abab4df2cd5998f5902e7354f0bbfc79bbdacf1993a4444c3c68f9e6d338a876537394cb4bbb45fa6576e78f21a3b8e46dc8243c6c5fd2289ad79eeaabb4a16c
SSDEEP

768:KzGfx8Bjnb5edUgbco969FeWi7+FZJYuaX6p6rLe3rwu:POBjb4uFowmZSZCq8rK3rwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6c77451a4bd6804e9cbda2c0ecd3891_JaffaCakes118

Files

d6c77451a4bd6804e9cbda2c0ecd3891_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ca8d5fca836efa8536566f0eee05c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
CreateThread
VirtualAlloc
VirtualFree
ExitThread
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
GetFileTime
CompareFileTime
GetModuleFileNameA
GetCommandLineA

Sections

BitArts
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE