1ab19c641a2af4ff38062b5a2c5bb244_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ab19c641a2af4ff38062b5a2c5bb244_JaffaCakes118
Size

26KB
MD5

1ab19c641a2af4ff38062b5a2c5bb244
SHA1

06ef314139419b23fbc42d49cc6dfbb8b4b21434
SHA256

9ed829d1f3b00e3e72924657bd0a2293c6f7f58b1f87fb69f91e30d1ba0b0a2c
SHA512

e3e3ab0cca9f99ac5ad4d7fe0e5c699f728f71e5c8a75079b30693c48070adcbf28ddd79c3d19bcffcc40200b2ddb99b145e17d641110a9c56ade251bb8a1b91
SSDEEP

384:Hv+KfJ+PYgOpf8POH2/gzlM8aKmpESsfMLYKti8O4P071NKBuKh:P+KHOgzqvEALYKHDkNI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab19c641a2af4ff38062b5a2c5bb244_JaffaCakes118

Files

1ab19c641a2af4ff38062b5a2c5bb244_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b5cdeafef313860995953999b88436d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
LoadLibraryA
GetNumberFormatA
Heap32ListFirst
SetDefaultCommConfigA
GetStartupInfoA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ