18ada493eec2fe3a9b00708a4bb7d11e_JaffaCakes118 | Triage

Sharing

General

Target

18ada493eec2fe3a9b00708a4bb7d11e_JaffaCakes118
Size

62KB
MD5

18ada493eec2fe3a9b00708a4bb7d11e
SHA1

5e8f4aff3f1c01423371ff000ff107fba04896f6
SHA256

aea809e9d2e896622d0e0e221dde729240dd1303553b62c08568d6dfdb2e8740
SHA512

255a9704e8220d6153399b9c026946d556a2932bb276f5d0d09baef35ace9055d936b17bce930a238ae5458eec8bd2b630e021d3f261fdc9c86d3961c623ee8b
SSDEEP

1536:ETVkBAXuoi9d5P+YQd9rc9jOCZxSp4nMfaiqPGIozhsibJ:KVkCM1kcgCZxSphqepdbJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18ada493eec2fe3a9b00708a4bb7d11e_JaffaCakes118

Files

18ada493eec2fe3a9b00708a4bb7d11e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a79f9691049aad3dee252ed1ff51ae6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
??1ARRAY@@UAE@XZ
??0FSN_FILTER@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Initialize@FSN_FILTER@@QAEEXZ
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
??1STRING_ARGUMENT@@UAE@XZ
?Initialize@LONG_ARGUMENT@@QAEEPAD@Z
??1PATH_ARGUMENT@@UAE@XZ
??1STREAM_MESSAGE@@UAE@XZ
?Usage@PROGRAM@@UBEXXZ
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?Get_Standard_Output_Stream@@YGPAVSTREAM@@XZ

kernel32

Sleep
GetCommandLineA
GetConsoleOutputCP
WriteFile
ReadFile
GetComputerNameW
GetLastError
FindClose
GlobalUnlock
lstrcmpiW
GetCurrentThread
InitializeCriticalSection
GlobalReAlloc
LoadLibraryW
GetEnvironmentStrings
GetStringTypeA
FormatMessageW
GetFileAttributesW
ExitThread
CloseHandle
ExpandEnvironmentStringsW
GetConsoleMode

msvcrt

_except_handler3
__initenv
_iob

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ