1c30ebc67948c5197e10aba3d4a2e5d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c30ebc67948c5197e10aba3d4a2e5d3_JaffaCakes118
Size

69KB
MD5

1c30ebc67948c5197e10aba3d4a2e5d3
SHA1

4f3cb70e1413b51bc23ee9a2cce18cbaf525844b
SHA256

e45ea4064b09524949ae43b0cf53e039374990e6e37e14478109c0734fba55fc
SHA512

15ef6a4a4da38e1050f4cc65d85506684eb03b84fb678960a66fd263ac9fd7c1b28148c8d38a5c5ef9c96421ca9f0a990c872eec24dd377f36e4b31a375a5ead
SSDEEP

1536:gE5bO5zzqzngoHNNNEUhx/tiLI0PCnROwqchsqTSv3BQ5y:f5b6qTgoHNbE2tiLI0PCnRHhb0S5y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c30ebc67948c5197e10aba3d4a2e5d3_JaffaCakes118

Files

1c30ebc67948c5197e10aba3d4a2e5d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aefc8a4867e62641e356548ca5323eb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fwrite
sin
fclose
_except_handler3
__p__environ
strchr
free
__set_app_type
_initterm
_write
_XcptFilter
strcmp
strlen
getenv
_adjust_fdiv
strncmp
malloc
fopen
_exit
_acmdln
fflush
__setusermatherr
fprintf
_onexit
__getmainargs
exit
__p__commode

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE