ea0cea918cfdd7a1cdca3e674d40b1c1_JaffaCakes118 | Triage

Sharing

General

Target

ea0cea918cfdd7a1cdca3e674d40b1c1_JaffaCakes118
Size

289KB
MD5

ea0cea918cfdd7a1cdca3e674d40b1c1
SHA1

01e4920fa4c2f8c5561f5f31037ceaafc325966a
SHA256

006e637cbac3b7891eb33baac968cb79fb5a88631ae9f2f4fcb65e652801e265
SHA512

dd16ec72caadbe197473daafae7ae5efdb1bb19d014f26822676d65e6452a3bc1d8f28cd0dcf65a2529720654c2ff5d16afb4ec16ebe20af4c0fc6cdbd043390
SSDEEP

6144:/FzFNj+UWnJEK7X52+7+nj4Z7k1u8nQ9sB0nCQyZ:tzFNj+VnOUJ8KyPnQq0CP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea0cea918cfdd7a1cdca3e674d40b1c1_JaffaCakes118

Files

ea0cea918cfdd7a1cdca3e674d40b1c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

750bd2bf1e6344af28b56183714695f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
CreateFileA
lstrcatA
CloseHandle

msvcrt

memcpy

Sections

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ