0914961f4d8d0b680adf72382c4c1335_JaffaCakes118 | Triage

Sharing

General

Target

0914961f4d8d0b680adf72382c4c1335_JaffaCakes118
Size

280KB
MD5

0914961f4d8d0b680adf72382c4c1335
SHA1

aa7ff14339a7478c37e903ef1da83edd37aed198
SHA256

d09af23b0e521ad6556acad68fc661fc9a925f77e6978f9e5279bda9d21a1a12
SHA512

b7b5f7dfc4705ed0c4b0a0fc12a615b3a5272d02cce816b57d0e286a920ec4454e3ec4c2db3919be00c4d434c882dab9684717a088d244fd3ac83c4d15363965
SSDEEP

6144:u6/biOqk9P/YtGY8d9g5RSimbSZYwiRe/3/cWQnSeFL4I6zJ6sp:l5/Ytnr+imbSnMe/3/cH5L4I6N6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0914961f4d8d0b680adf72382c4c1335_JaffaCakes118

Files

0914961f4d8d0b680adf72382c4c1335_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0262127d23fa65c4e51458153206228b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapAlloc
VirtualAlloc
lstrlenA
HeapFree
VirtualProtect
VirtualFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt

free
realloc
strncpy
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
exit
_stricmp

Sections

.text
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE