dd8e2d3d4e4dc97166cc6654b86c811a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd8e2d3d4e4dc97166cc6654b86c811a_JaffaCakes118
Size

168KB
MD5

dd8e2d3d4e4dc97166cc6654b86c811a
SHA1

3aa82b22da55f587d0be2aa11a9452093943ddca
SHA256

fd2e336aec6b78486c59c20a63751777b0967572740e6e2d3da1fa9b665d48d6
SHA512

5604d71cd78d9250faa745632bf2860f63ee62ab92d02081e040aec4a96385b29c4544b14b588a8046eac36b03642d351ca94faa9bbcaf890de47939393adb66
SSDEEP

3072:Eotd0QySVrZkneizC3arCTYI3Tya68un22QUlGVT5r+s7cMzzkpIxgkj0:/tdtySVrCI3arCMIWb8SrVlA5r+kcMvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd8e2d3d4e4dc97166cc6654b86c811a_JaffaCakes118

Files

dd8e2d3d4e4dc97166cc6654b86c811a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE