e9f5a208d6c5b31ae9a07edfeba289df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9f5a208d6c5b31ae9a07edfeba289df_JaffaCakes118
Size

34KB
MD5

e9f5a208d6c5b31ae9a07edfeba289df
SHA1

77d1d6fbfd19956f6334087795aee01fdde31739
SHA256

993f638d23c74dcc7cbe33c11aff02fd221c34fb2cfa127590b3bf35d3390d90
SHA512

210406cba575fb96418e545ae68aa7529fb39838a8e07724c6d1f332b5706286c06ee047aaaea1c626809d6a422f622fe34da7049c1aeed441d56d8538d5afe7
SSDEEP

384:zIrMnjQjehXc1WmjPck/FhbUCarvkmxVdFDOV5ZZkbGMrK+mwPHNMFDoL:8rM8ih0c8fURlrOUJe+nPHs4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9f5a208d6c5b31ae9a07edfeba289df_JaffaCakes118

Files

e9f5a208d6c5b31ae9a07edfeba289df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a12f8532b8c85105947d7430fb396ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceA
GetModuleHandleA
lstrcatA
lstrcpyA
ExitProcess
GetModuleFileNameA
SetFileTime
GetFileTime
EndUpdateResourceA
GetProcAddress
BeginUpdateResourceA
FreeLibrary
LockResource
LoadResource
SizeofResource
FindResourceA
CloseHandle
WideCharToMultiByte
lstrcmpiA

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ