e8245df352026f8774892a4c55f98ed8_JaffaCakes118 | Triage

Sharing

General

Target

e8245df352026f8774892a4c55f98ed8_JaffaCakes118
Size

49KB
MD5

e8245df352026f8774892a4c55f98ed8
SHA1

3c4c542d38429bbe9f3f8e7651f17abe581855e2
SHA256

0cb214f2262cce0b314333f757362dc501f1ed2c0d3283f05f3ef9d5acbba5ad
SHA512

3b461c2c1575f26006b8cea807af22785a4d01a9aa05e77ce8df3c4da947f7de62d7b65458212900d075facba2303d573666a00967f9e4aee70f8e68ba7cfc20
SSDEEP

768:0++3j6rsykU/eANURO+iXroPrPAaeVqkEpbgubgU3Gm5KrtWFgD:JQjirfjn+/LMqplptr5MtB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8245df352026f8774892a4c55f98ed8_JaffaCakes118

Files

e8245df352026f8774892a4c55f98ed8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d6d2aed873e5d414a4cfbe8d9be7ec80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

MessageBoxA

crtdll

_getch
_iob
_itoa
__GetMainArgs
_strnicmp
abort
exit
fputc
fwrite
localeconv
memcpy
memmove
memset
pow
raise
signal
strcat
strchr
strtol
wcslen
wctomb

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 608B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 784B - Virtual size: 784B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE