13c7683dc3e9f89f975e1a8d93da624c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13c7683dc3e9f89f975e1a8d93da624c_JaffaCakes118
Size

373KB
MD5

13c7683dc3e9f89f975e1a8d93da624c
SHA1

bf8c58b1a598125487f5053df95e8b8b7be1362c
SHA256

259a1c73f7fed064382258ffb380ce32907bf253fd02f73f5d2dcd3ed04d1658
SHA512

f6b3fec7f980f4c11a748bf646f5dd551a32b329ca7483de1cfcad87f0eab7cf973208cb5b212fc4f9cb8c319be07efb44d33350152b45166b30bbf0d0bdaecb
SSDEEP

6144:EdskFry2XbZlL+zHmiF0Br+cwSOh/NB+KhQsl:EakFrpXbrGHmiGicjmOKhQs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13c7683dc3e9f89f975e1a8d93da624c_JaffaCakes118

Files

13c7683dc3e9f89f975e1a8d93da624c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.uf3B
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.R67W
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pAeS
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE