e118a7260ed2f825f9f06bf7c2073265_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e118a7260ed2f825f9f06bf7c2073265_JaffaCakes118
Size

30KB
MD5

e118a7260ed2f825f9f06bf7c2073265
SHA1

b6a0d89ba84bf26a2e70badd4f90a5060d399504
SHA256

67c4d8bae612e5a4362cefcbe837a7002dad67bc1ed3c8a7323259e9c61cdded
SHA512

134dbb7e175f0fc19b0b7fe0baeb969d7633b535053f3cf7e1666e35a4b316e856050559d1b1364c9c2c37043fcef30330fb396f489a808508164e4b854c7549
SSDEEP

768:rLzisbLjah2DO9ACRkSmzmTOVPATMYts4SLg:ji+qvGuM3Adts4o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e118a7260ed2f825f9f06bf7c2073265_JaffaCakes118

Files

e118a7260ed2f825f9f06bf7c2073265_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ed0b5dc545375f8ab7ba99a35f11512

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
LockResource
ExitProcess
WriteFile
GetModuleFileNameA
GetModuleHandleA
CreateFileA
SizeofResource
FindResourceA
CloseHandle
lstrlenA
lstrcpyA
GetSystemDirectoryA
MoveFileExA
lstrcatA
FreeLibrary
LoadResource
GetEnvironmentVariableA
HeapAlloc
HeapFree
GetShortPathNameA
GetProcAddress
LoadLibraryA

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ