dd579d7ee6cc422660f5f901f62894b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd579d7ee6cc422660f5f901f62894b1_JaffaCakes118
Size

198KB
MD5

dd579d7ee6cc422660f5f901f62894b1
SHA1

df75356ada168cb3262ceb417eda81a46989e8ba
SHA256

d7ef766206a32f65e985906d5016fdec8a8b10aefefda3c07397fd29a7546301
SHA512

c4143e7f593f0f86dff83024179b95693ce034de2d8e167882f9fc9652cf474091bb2e14543d9e2aa1b6788e4c320471c257c02475fb976b82bbabc76351eaa9
SSDEEP

3072:o/zMbJJyrEO60Ic6Mt8VVChoVs4BNQj+cblG1S/rgvm4RYIwS6xA7HnSb6qGo5Qp:ogHyTfIcZ2VKZblSosLqIoxAs6W+y6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd579d7ee6cc422660f5f901f62894b1_JaffaCakes118

Files

dd579d7ee6cc422660f5f901f62894b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a13ee2bd542e30b8d805240c3433d2bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32.dll.

CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetTempPathA
GlobalAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA

shell32.dll.

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ