280e919e17d0704692d6c2a13a22f849_JaffaCakes118 | Triage

Sharing

General

Target

280e919e17d0704692d6c2a13a22f849_JaffaCakes118
Size

336KB
MD5

280e919e17d0704692d6c2a13a22f849
SHA1

dd6b064fe12aa65de75edd852489583b482670cf
SHA256

c492af19278e8168320fcd0813cc57bb072e1123c18fc8b41ad470501a511ce2
SHA512

39d627ae16dfa15877d3f8b1278119a37a59cf919e80b3776ca17eea0676e89021369355087dbd4335168c0a2001a34075a63d79725908f40dd93a10c6c99479
SSDEEP

6144:595wkKlKY4/8CyGfjdP7HeXpIsYPfz+zfZ6mBzKSVrCIPXiSG:apeEIdD+isEazhtzL/Pi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280e919e17d0704692d6c2a13a22f849_JaffaCakes118

Files

280e919e17d0704692d6c2a13a22f849_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8432e1531e1252bc33fb75d5a74fa8e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
GetUserDefaultLCID
ReleaseSemaphore
CreateFileA
WriteFile
GetModuleFileNameA
GetProcessVersion
FreeLibrary
GetEnvironmentVariableA

Sections

.code
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 272KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

.idata
Size: 4KB - Virtual size: 3KB

.text
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE