1703022dee722f6befd675efc0f75187_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1703022dee722f6befd675efc0f75187_JaffaCakes118
Size

187KB
MD5

1703022dee722f6befd675efc0f75187
SHA1

72094bae0d8205eb9a172b74803198e7fc7f65e0
SHA256

37943828af97db7a3bbcdf3a47dddf988b86cd356ee333c1bbe2e6801e0eb3e4
SHA512

58e43e7490bbad407c99827722bee3fcc650a215327c26a0dcab804c5ad17c69bef8e459a393aea18732690260e31a0039381fbc522b781bc5aa36d763b921f9
SSDEEP

3072:O1jqoMpl5L8klAtrY6/EwGf1THyU2hXlYtuKo6VIGL4ip5ahw/wbYrV:O1jLel56rnEl9Hn0+uKlVZX3aoBr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1703022dee722f6befd675efc0f75187_JaffaCakes118

Files

1703022dee722f6befd675efc0f75187_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43c51ee68aaefe75a546b38ddaf5cd8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\MyNewFolder\IsTest\Document\Work.exe

Imports

msvcrt

__set_app_type
wcscat
_controlfp
isxdigit
__p__commode
__p__fmode
gmtime
_initterm
fputs
_amsg_exit
_ismbblead
iswspace
exit
_exit
_XcptFilter
iswprint
_cexit
__getmainargs
__setusermatherr

kernel32

GetExitCodeThread
EscapeCommFunction
EnumResourceNamesW
SetFileAttributesA
SetupComm
LocalSize
GetNumberFormatW
CreateFileA
SystemTimeToFileTime
SetFileTime
FormatMessageA
IsBadReadPtr
TlsGetValue

Exports

Exports

_RegisterDeviceNotificationARegisterDeviceNotificationA@0
_RegisterDeviceNotification_A@0

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ