0d8e73b0762e2144064cb839a1e7aad4_JaffaCakes118 | Triage

Sharing

General

Target

0d8e73b0762e2144064cb839a1e7aad4_JaffaCakes118
Size

24KB
MD5

0d8e73b0762e2144064cb839a1e7aad4
SHA1

8e715014459a28d14bfdf070201e52a23af65f5d
SHA256

883ffc125e964d102ccc307d2d4beac20b0fc1f93141483a751118c7ed65119d
SHA512

ef8d0bb7abe5cf36d144eec05af862df1fcab0326d8305310ad949f8b16d001df30957f49f97db9e32fd180d5178474c7e9a6f36158b1e2584229a82325c21b9
SSDEEP

192:Bxm11uVtAFKc7wQfl0E3tM9P5Uvkbbx+HNP1oyWM8KQ9Z1:/yfJ3b518M8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d8e73b0762e2144064cb839a1e7aad4_JaffaCakes118

Files

0d8e73b0762e2144064cb839a1e7aad4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b27e3687023682d3b0ef83022e93a555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameA
GetTempPathA
CloseHandle
WriteFile
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateProcessA
GetModuleHandleA
GetStartupInfoA

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
sprintf
rand
srand
time
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
atol
__CxxFrameHandler
_itoa

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ