f24aca4bac204ab9953979e534e47a50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f24aca4bac204ab9953979e534e47a50_JaffaCakes118
Size

77KB
MD5

f24aca4bac204ab9953979e534e47a50
SHA1

4a02bb420eb58f5da5ee58a2d081357ac948b0bb
SHA256

67e896996d64b7162449730aa31d9d8d0e181cd4154eda8364df674f9a2d0811
SHA512

b47924322f4f00d8cd8eb44a1cd17d65df786594fd81f9b5fbaab0f910f8efcb478d1e751ffff44a90f597522f92fa1626c7510b39a797ca0f4ef6b6a3d12ac7
SSDEEP

1536:+xJDrXJTUZQM99pEY+7mfZZt7BN6e5ooPzUOmJ9ybae9rvpI0svZWGKAkro7B8iS:+xJDr5T6Wz7mf7tr6EUHJ9ybaOrWbKAr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f24aca4bac204ab9953979e534e47a50_JaffaCakes118

Files

f24aca4bac204ab9953979e534e47a50_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c362751f44a9f875b2280fc6dcfae10c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fgets
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
fopen
malloc
__p__fmode
__set_app_type
_except_handler3
_controlfp
isspace
fclose
_getch
time
srand
rand
strchr
_tempnam
free
memmove
sprintf
strrchr
strncpy
isdigit
atoi
_stricmp
_strnicmp
toupper
printf
exit
_adjust_fdiv
__p__commode

kernel32

SetFilePointer
WriteFile
ReadFile
LocalFree
LocalAlloc
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
CreateFileA
GetLastError
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE