1296e42cb4b3a63022e6cb971b6cc388_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1296e42cb4b3a63022e6cb971b6cc388_JaffaCakes118
Size

80KB
MD5

1296e42cb4b3a63022e6cb971b6cc388
SHA1

70a5e912e33de129149b7a998a0bbde1dc64f710
SHA256

b47bfd4cf995854c551bed846ec734862f2f629bd677a6542c6a6ba15cf77cf2
SHA512

7bc4c92093704b3a2b69419f5d1bef0685b4b269f53014d3e8439e6f62bf611f4b19d6a55cbab9ca285e1ceb4d097d7f9c9f54306672f9c28bc6efa30bbf0db3
SSDEEP

768:RUjKVjl9xw3x6nz7vj1wrd0Op6rLw7vIKpDKogOIFUlv:RUKJ3zzj1wz8rM7vH/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1296e42cb4b3a63022e6cb971b6cc388_JaffaCakes118

Files

1296e42cb4b3a63022e6cb971b6cc388_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28c6ef1128d2dc0d513ddf64919b7716

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

Sections

BitArts
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ultra
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ