f97867e66b0bb922ac4b58f7dcb34fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f97867e66b0bb922ac4b58f7dcb34fdf_JaffaCakes118
Size

40KB
MD5

f97867e66b0bb922ac4b58f7dcb34fdf
SHA1

d39bda0d91c1476660d7ef8fb392a7d538a47ae2
SHA256

e37cd86f2ad8236c44c6720e66594ea233543f6e94c89df720ba0d8049328cc2
SHA512

04146369fb41790ee747d8aa1201aa8ec84fa91d9ad088a59ee35c6dd7e0e84346932c0dd97cea475d430a6eafb6abb9dc61aea1d1e1be126884dbeaf48fc6d3
SSDEEP

768:sJzcYmY1YczaA1CoMHYgGqQMA/sk+UKy/q9sxtIdOcmn0HdFI1Jm:uLYXHcLx7+A3xt5cmnfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97867e66b0bb922ac4b58f7dcb34fdf_JaffaCakes118

Files

f97867e66b0bb922ac4b58f7dcb34fdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33fea0020c69ff6227bc5ac8d3a02cc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetModuleFileNameA
SetFileTime
GetFileTime
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
CloseHandle
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
CreateFileA
WideCharToMultiByte
lstrcatA
lstrcmpiA
ExitProcess
GetProcAddress
GetModuleHandleA
VirtualProtect

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ