23c617015ebac74b84d9f155359fd5d4_JaffaCakes118 | Triage

Sharing

General

Target

23c617015ebac74b84d9f155359fd5d4_JaffaCakes118
Size

7KB
MD5

23c617015ebac74b84d9f155359fd5d4
SHA1

c3d40c89b08ade5b900eb0f2c6a7a40b6f848331
SHA256

44b7bbb787127f376e6d7feb273ea4d4374747163530fa306446bcaf28e7f2f7
SHA512

4ba0394079d950254fac195170eb08b027deaa5aa45f2b1a64338804eafd819207d93e613711653c1c5ac56656b522285ab64029c796f4716449a17c627bf978
SSDEEP

48:Cb1NbKXlDcHuCdUkQ9oYvuC8GPdGjLrtvrvcE9foTk04USODXF/4ZFzMUoyl1rca:Czok2rvuB9Nol47OXF/yFzMUoynRKe5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23c617015ebac74b84d9f155359fd5d4_JaffaCakes118

Files

23c617015ebac74b84d9f155359fd5d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67d1f494ff08fa63c4295d564733e804

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5572
ord690
ord665
ord1979
ord6385
ord939
ord540
ord389
ord5207
ord5356
ord1988
ord860
ord2919
ord800
ord353
ord2915

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strncmp
exit
__CxxFrameHandler
sprintf
_except_handler3

kernel32

GetModuleHandleA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetSystemDirectoryA
WaitForMultipleObjects
CreateThread
WinExec
GetStartupInfoA
lstrcatA
CopyFileA

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE