Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4ab4c733c9470946d669d46ad061627f.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_4ab4c733c9470946d669d46ad061627f.exe
Resource: win10v2004-20250129-en
General
Target: JaffaCakes118_4ab4c733c9470946d669d46ad061627f
Size: 211KB
MD5: 4ab4c733c9470946d669d46ad061627f
SHA1: 0966e1793c71851d22e53d44b0b0eeebcb416baa
SHA256: 9af3f4d87f42146036a54f09703fc6d7b9b9ebbefa56cb4c51b03ad77c72d577
SHA512: 9455ed521318a99a93796f0127a4be170ea2ee66a30a42925681f431a97899edb14a30b973c2d64409860f68a3e2c812f89eaadd9bd52470058fb1cd2ee50ee9
SSDEEP: 6144:mS1EYPUJXqDMQx6CUlka80J4WUGZr/JItrAO540NQ5:H1XPYqD+CU+01KthFNQ5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_4ab4c733c9470946d669d46ad061627f
Files
JaffaCakes118_4ab4c733c9470946d669d46ad061627f.exe windows:4 windows x86 arch:x86
9c8decf3582072f6edfc385a689f44f4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile
Sections
.text Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE