0c434ff66527df8a4e76a16945f1ff68_JaffaCakes118 | Triage

Sharing

General

Target

0c434ff66527df8a4e76a16945f1ff68_JaffaCakes118
Size

832KB
MD5

0c434ff66527df8a4e76a16945f1ff68
SHA1

1e45c9bc6acb7c97f1a7af8bdb6078c4295e47a7
SHA256

f559e2dc77db2285486d54e328d5d0043b82d08badbef450a22f48be333f4959
SHA512

90ff3a2697a323b9b6d4ab000cf50136e6f908ca47e9d2a52304b9e9b00d8bba09c2be3a1af469b59e82a0f41fb66e02c5ed9be477511010430785b73452154a
SSDEEP

12288:AuS+m1nBUtOcDvsEOh9UmYbd0AZXGkLjS/nhXamCLDy4uYlzlnoHY698EwUFN1L:7BSnBUtOcDvsimYxJw8LUJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c434ff66527df8a4e76a16945f1ff68_JaffaCakes118

Files

0c434ff66527df8a4e76a16945f1ff68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54d7fb846380c34cf56067e9e13ef783

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
MoveFileExA
HeapFree
WriteFile
Sleep
DeleteFileA
CloseHandle
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
CreateFileA
lstrlenA
ExitProcess
lstrcatA
lstrcpyA
CopyFileA
GetTickCount
GetTempPathA
GetModuleFileNameA
GetCommandLineA
RtlUnwind

user32

wsprintfA

shlwapi

StrRChrA
StrStrIA

Exports

Exports

KaiXins

Sections

KXcool
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ