18c1a605a262d2090ad01dd974b77dd9_JaffaCakes118 | Triage

Sharing

General

Target

18c1a605a262d2090ad01dd974b77dd9_JaffaCakes118
Size

42KB
MD5

18c1a605a262d2090ad01dd974b77dd9
SHA1

09b29820d0ef68940e4e0cf38ff58610a56b2607
SHA256

d34f59ca442f3904ccb3057b794600634b2df1dd40c30400a4886521358dd61f
SHA512

17fcc26f0fffc736bb0578c9dc1f89cc0b6d70e26ffb67de411d572629d0cc315635e9e968eeca27fea4f09ee8e8417c7782e11304ed6f9252d800bf259c8327
SSDEEP

768:63BuN33BuN4zvbMsezvbMstKcE8WKcE8F+3T3EIQ+3T3EIMQv/7Qv/:6363Drqrh3E13ET3Ig3IPa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c1a605a262d2090ad01dd974b77dd9_JaffaCakes118

Files

18c1a605a262d2090ad01dd974b77dd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bc8b9b71034ff98c16eca048a1a9023

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf
memset
_controlfp
strlen

kernel32

GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
FindResourceA
LoadResource
LockResource
SetFileAttributesA
DeleteFileA
CreateFileA
SizeofResource
WriteFile
CloseHandle
CreateProcessA
GetStartupInfoA

user32

CharToOemA

Sections

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ