1a17791dc9ea6961b086d66faf39f6ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a17791dc9ea6961b086d66faf39f6ad_JaffaCakes118
Size

36KB
MD5

1a17791dc9ea6961b086d66faf39f6ad
SHA1

964aace7cc4b2cfb0ca1507c22876bfe07f1a59f
SHA256

980f08afe68fde5a464fa6af526c2843e3127c1900d3880c118d9d7d88197fe0
SHA512

582c7a36bee0b3d99c8ebc2702a797466079011bd484628c7e68ffd31b68321e0a27a7e35a8a8fc3c03f6469f025fb3fe2e2b38a941e98c6b4ecd9d058bc7484
SSDEEP

384:gDxYnqLXGM81x66QKTHvJ6+Nc/mwGyzWJsWUAXcS4Opn:fxqK1weuAiOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a17791dc9ea6961b086d66faf39f6ad_JaffaCakes118

Files

1a17791dc9ea6961b086d66faf39f6ad_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c4ed528e623214aba08b993341ae523c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetLocaleInfoA
SetLocaleInfoA
CompareStringA
GetProfileStringA
WritePrivateProfileStringA
GetOEMCP
GetACP
GetSystemDefaultLCID
GetModuleHandleA
GetStartupInfoA
GetEnvironmentStrings
GetCommandLineA
WriteProfileStringA
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetCPInfo
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
GetLastError

user32

MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE