fd5f872b6e230d97285e1ba6dd48c5ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd5f872b6e230d97285e1ba6dd48c5ed_JaffaCakes118
Size

199KB
MD5

fd5f872b6e230d97285e1ba6dd48c5ed
SHA1

edb71ebd57cd8979ca5e448b31a977a0576ee75e
SHA256

58965ed613a55c8fafab283c9d919eec106038a2abad866e926d59e1c633be63
SHA512

1f5c8b4480e36049db7f0440320c590f06f47efb8251d61ee5d586db825f2975b0968186435e6f98c9ce3b537b03bddb7dbde4e3711514dcabd6456a9c1c8a95
SSDEEP

3072:wveHUv9+9Cnb8nrbvPWd46xmvVoK6/ZymxJ4PPsEHCw:wGkgtrrPWe6xge7BJUsgv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd5f872b6e230d97285e1ba6dd48c5ed_JaffaCakes118

Files

fd5f872b6e230d97285e1ba6dd48c5ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

036a9259e2f27ca3401cbf8ebb9afd1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
WriteFile
ReadFile
SetFilePointer
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
GetProcAddress
GetModuleHandleA
lstrlenA
GetModuleFileNameA
SetThreadPriority
GetCurrentThread

shell32

ShellExecuteA

Sections

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ