Static task
static1
Behavioral task
behavioral1
Sample
08cde7d61edefbec5fc8c467a684f855_JaffaCakes118.exe
Resource
win7-20231129-en
General
Target
08cde7d61edefbec5fc8c467a684f855_JaffaCakes118
Size
57KB
MD5
08cde7d61edefbec5fc8c467a684f855
SHA1
186413f29a6494703a8dace3c38928aa1a64b6c6
SHA256
a152bd5727871f021150d126f68b39263d360c4d48de9b18c6c821b2c89e546c
SHA512
f92ba4e314a3a43cbfd0b37701b03fe09f8ec46c1f1bd505abdfb232aaa121deec1299baf4bb9770e3ec0160070a7d7d4cadda34847f81aa63724b3e44b69be3
SSDEEP
1536:e2Y5973pJeNYlbUh/BGZlhHcGqHAXOKSzyWR:e2A9r1lbIQ7K7geKzWR
Malware Config
Signatures
Unsigned PE 1 IoCs
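Checks for a missing Authenticode signature; the check fired on the resource listed below. An unsigned PE is a weak indicator on its own, since many legitimate binaries are also unsigned, so weigh it together with the other static and behavioral findings.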
resource 08cde7d61edefbec5fc8c467a684f855_JaffaCakes118
Files
08cde7d61edefbec5fc8c467a684f855_JaffaCakes118.exe windows:4 windows x86 arch:x86
92ca98d040fccce54d8710e9dcbb70f3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
lstrcmpA
GetStartupInfoA
advapi32
RegOpenKeyExA
msvcrt
strcpy
calloc
_exit
_XcptFilter
exit
_acmdln
strcat
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 624B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ