1bd16575d8e3fa29d44fec41411ab18e_JaffaCakes118 | Triage

Sharing

General

Target

1bd16575d8e3fa29d44fec41411ab18e_JaffaCakes118
Size

187KB
MD5

1bd16575d8e3fa29d44fec41411ab18e
SHA1

72d6764a59b5556aadb488ab23e9818a85b4780e
SHA256

86992f7331aeef9c50a3e213b19b69faeb0acbb6419219a8abe4a8e405f6dd04
SHA512

3443bcffc74a76e5f39a8b93d9d8734311f1ac78738b5bfd81c99f74b20a39e029c4360890d9b0ae9f0227b9f702ea988b38b147fcdbfbc6ed4110f1bddb1eea
SSDEEP

3072:/3lzGx9ggbuQJWqvIoLh+4+lHnTs88Uyxgr0MnE++iQ:/3lzkguh7+lH4j4r2++

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bd16575d8e3fa29d44fec41411ab18e_JaffaCakes118

Files

1bd16575d8e3fa29d44fec41411ab18e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4da7e8faab253cef6c014f3b5b94a2eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
__setusermatherr
_wunlink
_wtempnam
__p__commode
putchar
asctime
_exit
_spawnlp
__getmainargs
__p__fmode
exit
_wutime64
_acmdln
wctomb
_ismbcupper
_except_handler3
getenv
_wexecv
_ismbbkpunct
_getsystime
_filelengthi64
_ismbbalnum
_clearfp
_getw
wcsncat
_rmtmp
iswctype
_execl
_wcslwr
_wspawnv
memcpy
_adjust_fdiv
_wgetdcwd
_dup2
_mbsbtype
_initterm
fprintf
__set_app_type
_controlfp

kernel32

TerminateThread
GlobalAddAtomA
HeapReAlloc
SetPriorityClass
MulDiv
GetCurrentProcessId
GetCurrentProcess
GetStartupInfoA
GlobalReAlloc
GetModuleHandleA
LCMapStringW
GetFileType
FreeEnvironmentStringsW
Module32First
GetModuleHandleW
GetVersion
InterlockedIncrement
FindClose

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ