e7a22d4e3a7a2f78c1d80726e9747790_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7a22d4e3a7a2f78c1d80726e9747790_JaffaCakes118
Size

132KB
MD5

e7a22d4e3a7a2f78c1d80726e9747790
SHA1

4bb2cf19c2f64e996a16b7bfcdfe6547219d73b1
SHA256

f6294364eb6ac9aee1e8e0f3dc0c093736f89d066691f8492d57cb1029807909
SHA512

48c87bd2455ca6fb31a7546ef4042a39c1a9b796c6c13d98467d002ed8e31fe7623df5e5420128e6c1134d1c9d8dd1c3d97f49424c70219895d8cbf6fb1e3d03
SSDEEP

3072:bWQYzIBL8CIT5kgh3xs8nLtChM+M3aUePos92I/Qi1G25NXP:6F9CIC4RCh/M1eFcaQiU2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7a22d4e3a7a2f78c1d80726e9747790_JaffaCakes118

Files

e7a22d4e3a7a2f78c1d80726e9747790_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f379a7ce9a5c262da9f154143ce9b4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
VirtualAlloc
LoadLibraryA
CloseHandle
EnumResourceNamesA
GlobalAddAtomA
CancelIo
GetProcAddress
GetStartupInfoA

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ