4422120b3c9f5848b0fa22ee2453abfe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4422120b3c9f5848b0fa22ee2453abfe_JaffaCakes118
Size

128KB
MD5

4422120b3c9f5848b0fa22ee2453abfe
SHA1

eee530736c545b9359b45130ae8d8172d0f9cf05
SHA256

062e4ff510920a2860b079750f2187c75fe7eca513b7f97fcb71880bce2587ac
SHA512

f74561f1725001a142f5b699f0dc1a6cf1b889030d7357cfe79818d549885235a2b3a1812a65b85cf01085d35d0f835927600442ecce9b507bd0ba2adc93878a
SSDEEP

1536:XuRW70D8W62/mT8mpPOlpC+wnDHlfwgsbUspIw9Ny88LUeZmOMTGXCiCJ:+RW7t2/g8m1SUhkIqn84eZvRSiCJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4422120b3c9f5848b0fa22ee2453abfe_JaffaCakes118

Files

4422120b3c9f5848b0fa22ee2453abfe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3339231a785321abc771aa79e771ca13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExitThread
GetModuleHandleW
lstrlenW
GetCommandLineA
GetModuleHandleA
IsBadReadPtr
GetLastError
GetCommandLineW
LoadLibraryExA
GetProcAddress
IsBadHugeReadPtr
VirtualAllocEx

Sections

CODE
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ