1bac4c1da5ab8e22e0dec6bc0ac77464_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bac4c1da5ab8e22e0dec6bc0ac77464_JaffaCakes118
Size

90KB
MD5

1bac4c1da5ab8e22e0dec6bc0ac77464
SHA1

82c7426d0a473d3a9508e12b5968e09006c3d47b
SHA256

2549179d3980ba12dc1367527c0e049023320acd2bba133ce8dbf9af5df7ac2e
SHA512

cb0bf07a8a40fa8987594aec15189fd104f845b2c9caefa53b8854f142264ba734548478e38fc1522248ee6bbfb0d943a1bf9521eec82a1c501e97e05c1e1494
SSDEEP

1536:+opdnTpuQhSzY2YQOzzvRK4p/GSiPLKFkgwWb0cqpo4rz9jem8cDlpEHihpzT8Lm:tXnTpuQhKYQ+K4o+nb/m/JZ8qpzT8Lm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bac4c1da5ab8e22e0dec6bc0ac77464_JaffaCakes118

Files

1bac4c1da5ab8e22e0dec6bc0ac77464_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a80849b3706886ab95a82c45fb41d61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagick

ReadImage
DestroyImageInfo
DestroyImage
DescribeImage
WriteImage
SetImageInfo
MapImages
DestroyImages
AverageImages
MogrifyImages
Exit
IsGeometry
PostscriptGeometry
Latin1Compare
MagickError
ExpandFilenames
GetImageInfo
SetClientName

msvcrt

srand
atoi
_iob
sscanf
strncmp
printf
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE