73d8c52be592c824feba5972f2cf667c_JaffaCakes118 | Triage

Sharing

General

Target

73d8c52be592c824feba5972f2cf667c_JaffaCakes118
Size

104KB
MD5

73d8c52be592c824feba5972f2cf667c
SHA1

019fc0384b4ebb1b6827e4bca059bace76b4d32b
SHA256

207a05af8f582c537534cb791a813e42791511c00938e5bf52ade2cbe225394a
SHA512

c9b7e9c5a32fb184b6287d9ab226141712e964bb11f85e0fb002f81e6a31e4b90788877e8dc8699eb66781e25579b5343756078acad83980cbd3f8b25506d2e2
SSDEEP

1536:e2ghaZcYZqJC3xdTOuWrdhoh8SHtNeuH21OfyerBjxwX:eHaZ0JKZWxhPSNNMOfbBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73d8c52be592c824feba5972f2cf667c_JaffaCakes118

Files

73d8c52be592c824feba5972f2cf667c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

.uf3B
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.R67W
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pAeS
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE