Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_11fa97a4545d8b63aa1434ebd567b28f.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_11fa97a4545d8b63aa1434ebd567b28f.exe
Resource: win10v2004-20250217-en
General
Target: JaffaCakes118_11fa97a4545d8b63aa1434ebd567b28f
Size: 1.5MB
MD5: 11fa97a4545d8b63aa1434ebd567b28f
SHA1: 1aa56e8bb40ebc8d69b90ecfaa20c27b4528d6e7
SHA256: 1f4888ca2992dc1b3db556a1c8ea5a0f39b65c1993bd9f700b169d83d0bdd8a3
SHA512: 55965ef3cf4a5a2457150acca36ab96585b2d3ccee083bca52cd6d3cf2be1a7913909c4c529c08befcf0cfaacb3b7c7e661379172f2c4727ed3ab50516a1dca4
SSDEEP: 49152:HXisKBNdKFmfBRA2U+XRWZYuIHdL09C9Xj:Hysm/KFmjAXZYugdL092j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_11fa97a4545d8b63aa1434ebd567b28f
Files
JaffaCakes118_11fa97a4545d8b63aa1434ebd567b28f.exe windows:5 windows x86 arch:x86
4582ffdd7eb98cb63a937096204182b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
LoadLibraryW
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 1.2MB
.idata Size: 1024B - Virtual size: 626B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ