0d37373d3ae851f1fe49a051a95ad780_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d37373d3ae851f1fe49a051a95ad780_JaffaCakes118
Size

184KB
MD5

0d37373d3ae851f1fe49a051a95ad780
SHA1

534d81666881d5a8af95bbd7b02905c6fb76bd72
SHA256

c3b0eefc678d3583b6e8325afe5a7ca3128f1a16a8e2429613bc717769f4e64b
SHA512

234ecbd4c7369f9f84915c1826353dfb1986af1edef37f74f86fc82a875d5d34f59c9dff3292ede454765bb40679d7bbd77ee977c67821a1a5b9b2d90667843b
SSDEEP

3072:+9iLfK48dr4RPOUZO6zp3k/8F4X0FFGPixn9D/JCOo:ypvUMM0vELAiR9D/4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d37373d3ae851f1fe49a051a95ad780_JaffaCakes118

Files

0d37373d3ae851f1fe49a051a95ad780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a4032d2e89a82565e9e8feb9260f929

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetLocalTime
CreateFileA
HeapFree
HeapAlloc
HeapCreate
GetCurrentProcess
GetProfileStringW
VirtualProtect
CloseHandle
Module32First
CreateToolhelp32Snapshot
GetModuleHandleA
GetStartupInfoA

msvcrt

gmtime
_exit
malloc
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
free
_XcptFilter
_memicmp

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 662KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ