189bee3d028b62c4dc05ae03dc4df018_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

189bee3d028b62c4dc05ae03dc4df018_JaffaCakes118
Size

44KB
MD5

189bee3d028b62c4dc05ae03dc4df018
SHA1

98a6c341a09bdec1169bbf7ac9a4f3f2b597afee
SHA256

da8d0f97627af49f25dd5cc4bbe5c4a5fdb81ff77d50a1e1928d54129c357294
SHA512

1bf697135a38ef3ff5ccd96bd77fb7b7d1a8cd3ab0127a9a634c9cc76763b24da11e62abf1c6a855f1ad1787f97f5da2794e6056174168ca18ed7174305c21bc
SSDEEP

768:RDOKw3XjtGxMBF4IAwF2/OFjpsssssssc6bB9slW4oifBqmm801T6HYr5QZX:RDOKw3XRF4ITC4R5qj80g4lAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
189bee3d028b62c4dc05ae03dc4df018_JaffaCakes118

Files

189bee3d028b62c4dc05ae03dc4df018_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65804a6528d825ea1743f607c4e44696

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strstr
strcpy
strlen
memcmp
??2@YAPAXI@Z
memset

kernel32

CreateFileA
VirtualAlloc
VirtualFree
CloseHandle
ReadFile
WriteFile

Sections

.text
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE