1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118 | Triage

Sharing

General

Target

1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118
Size

76KB
MD5

1048e08c6e262d14dce46efb179f5b1a
SHA1

36b6665192c057681d8f62c792acf29a0beabf13
SHA256

a84a292b5d1b581da70f4a59139cadaa5fb057d404586da7068f1ae5be393eb6
SHA512

c0937adb7984ce3c0afc531676cb86e0d0c3306345a8f483cdff5d1d7b2bbb23196e16027a0fa697a14e2201832dfcd7974818dfda9f2e826dd149a74a4a717c
SSDEEP

1536:VP6CN+iMRMuFnToIfGNvxQQvJ0ehEdfDYsvYBRaAosy:VP6CN+iMntTBfGSYsvYBEA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118

Files

1048e08c6e262d14dce46efb179f5b1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7e538b3f42887757661f66bede74b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary
DeleteFileA
FreeResource
CloseHandle
WriteFile
SetFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FindResourceA
GetTempPathA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetModuleFileNameA

user32

wsprintfA

msvcrt

srand
rand

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ