Static task: static1
Behavioral task: behavioral1
Sample: 28f279811dbab7b97ae1db5905c8e1b8_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 28f279811dbab7b97ae1db5905c8e1b8_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 28f279811dbab7b97ae1db5905c8e1b8_JaffaCakes118
Size: 350KB
MD5: 28f279811dbab7b97ae1db5905c8e1b8
SHA1: 51c545d27bdf58c1e98ac6e6f4b51682668f605b
SHA256: e491ed78ddbc06cad83274ac9548af920ea2f812fafb59a13849b406cc8c4081
SHA512: e906de361bd9f30c051e61acff0b140d5078c1894ea0897ceb474581565c7fddafcca0e7f28464bb9d38dc8155471c3c5f59cb76a442a1f03cd59d24e6f229b4
SSDEEP: 6144:ZDiT8DY6jPhU0yYQWYRkXWPcercy/O9RpkGOcpsXQaSIMbEZBwPDRfc+lgRxdxnb:08D5j5UwcaXbercy/Y6cpsADIMAkdc+8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 28f279811dbab7b97ae1db5905c8e1b8_JaffaCakes118
Files
28f279811dbab7b97ae1db5905c8e1b8_JaffaCakes118.exe windows:4 windows x86 arch:x86
70dc206f522b0999f88fc871d649834d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryExW
CreateMutexW
CloseHandle
FindFirstFileW
lstrcpyW
FreeLibrary
GetLastError
GetModuleFileNameW
CreateFileW
lstrcpyA
DeleteFileW
GetVersionExA
SuspendThread
CreateProcessW
ExitProcess
GetVersionExW
CreateProcessA
GetProcAddress
GetFileAttributesA
lstrlenA
LoadLibraryA
GetSystemTime
FindNextFileW
lstrlenW
DeleteFileA
LoadLibraryExA
GetVersion
FindResourceW
DeviceIoControl
CreateMutexA
CreateThread
FindResourceA
GetFileAttributesW
Sections
.text Size: 345KB - Virtual size: 348KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ