265bce66285b51181d150475b0c0514e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

265bce66285b51181d150475b0c0514e_JaffaCakes118
Size

20KB
MD5

265bce66285b51181d150475b0c0514e
SHA1

57698d916bf6000f277ee4ab13d6eb0bad37897d
SHA256

c11fe703bf90d59989b82aba7c3953099444bf07beb71cea2ad2b29b371534e7
SHA512

966c8048ea638f94f65fb4928f1c66d2fc3f6eea572ccdc25472b5f12e4e93d432e64ff07f58ae987a414c9930317a7585664510dc7a6fab38171af6f6ad9b6b
SSDEEP

384:BTD006zMxrWe8EDEWxrNFRW7Lps2C7ONH5T5sw/y5fhCW88eFCWoWKDEWT:BE06ztIrhFohs2C7OoMy5fhho4R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
265bce66285b51181d150475b0c0514e_JaffaCakes118

Files

265bce66285b51181d150475b0c0514e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae4581368291df9349f122a723aca50a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
WinExec
lstrcatA
Sleep
lstrcpynA
CreateProcessA
WriteFile
OutputDebugStringW
HeapAlloc
CreateFileA
CloseHandle
GetSystemDirectoryA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetProcessHeap

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ