f64bbc3532e2b8a52d1790ba8d64556f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f64bbc3532e2b8a52d1790ba8d64556f_JaffaCakes118
Size

82KB
MD5

f64bbc3532e2b8a52d1790ba8d64556f
SHA1

6e690cb229e66be1cb571a4c0b5e55cda315b9c7
SHA256

288ad6c56172470be1736e3eadb485b422f4c26be6ef481228fd1d2c1952786b
SHA512

488beb9469e8eefdf6c8b487e12424ed175943793216ff0f1e8faf9320d7a2609560175f088e8cfa662fe56a48e6815b4a0e9a37186702cd832600b441a73e96
SSDEEP

1536:fwuxNJO0xAU4b+ADz9/Kccb8sdWQAsm09KZjGuz0MK6Dtrp8P:3y3b+A39/KTJxKAF6D14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f64bbc3532e2b8a52d1790ba8d64556f_JaffaCakes118

Files

f64bbc3532e2b8a52d1790ba8d64556f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91821498a3d83ecff906d69710a1b420

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateProcessA
DeleteFileA
ExitProcess
FreeLibrary
GetCurrentProcess
GetCurrentThread
GetEnvironmentVariableA
GetModuleFileNameA
CloseHandle
GetProcAddress
GetShortPathNameA
GlobalAlloc
GlobalFree
LoadLibraryA
SetPriorityClass
SetThreadPriority
UnmapViewOfFile
VirtualAlloc
VirtualFree

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE