Static task
static1
Behavioral task
behavioral1
Sample
f7278505619d2f93fcf1d8c3af9ec693_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f7278505619d2f93fcf1d8c3af9ec693_JaffaCakes118.exe
Resource
win10v2004-20240910-en
General
Target
f7278505619d2f93fcf1d8c3af9ec693_JaffaCakes118
Size
36KB
MD5
f7278505619d2f93fcf1d8c3af9ec693
SHA1
89186aeaaa9dc1e26970993a7589a9f038ada3a2
SHA256
7236d72281eff5dd3a57b8a3620cb6d5ecb53517441d883ab7c6f49455c95bc2
SHA512
7ae0f753924836477e7949b9f2051250608420a6f13f205ba16a6eeec5ee7bd5a6d31f87f9c67ad0cf659ac1a3b3d5d8f7f19c39c19cb3fb70d79ce48cb3dc80
SSDEEP
768:eX7F10qBRuthVlwMLN5iZQAEwjYpIAqAF6vHVH:eX85nDGE5XqS2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f7278505619d2f93fcf1d8c3af9ec693_JaffaCakes118
Files
f7278505619d2f93fcf1d8c3af9ec693_JaffaCakes118.exe windows:4 windows x86 arch:x86
c5e040e8be8ce07e548c8232cc95cee8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
lstrlenA
lstrcpynA
WriteFile
lstrcatA
GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
ExitProcess
lstrcmpA
GetCommandLineA
CreateProcessA
GetTempFileNameA
OpenMutexA
GetModuleFileNameA
CreateMutexA
GetTempPathA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetVersionExA
VirtualQuery
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
user32
wsprintfA
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ