148c07d87b5b660a73dd99f683b45343_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

148c07d87b5b660a73dd99f683b45343_JaffaCakes118
Size

133KB
MD5

148c07d87b5b660a73dd99f683b45343
SHA1

d553bd6ef25e23d33bee8cfcdd47b34d101f09ee
SHA256

1ec74cb1010b94835183adfbf4482d36383368c9e3530457ccefc37dd16432ef
SHA512

222240271395f1db58ea7a0916cabe9df008c94adbabd5a1fd218bf17c97565a3a69495bc14adc33b4a5a33a4790b295e9c3df29db7c2429e8bf5038fabd6cfa
SSDEEP

3072:8rd1TGOMZw195/nXCQ2Xo+egzbyp3kaa6aA0WpUs:a1aG13/XCz9e0Q3kLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148c07d87b5b660a73dd99f683b45343_JaffaCakes118

Files

148c07d87b5b660a73dd99f683b45343_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aba6110d0b2fbab69f5445674eff8a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
GetVersion
LoadLibraryA
VirtualProtect
lstrcmpiA

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ