222aa9062cebf6536d466c76c36dc4ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

222aa9062cebf6536d466c76c36dc4ba_JaffaCakes118
Size

50KB
MD5

222aa9062cebf6536d466c76c36dc4ba
SHA1

4e34da8c7dcdb5a502684c4b04bb3bda649c829c
SHA256

19f28dcbb3e64241efc197a7fc26a7b2723a48db222b1d0807059662939cc4bf
SHA512

30083485fc27f214db8fffb174be82f0eb7977ca97406125ecb801b41bcb0d15fb195c53f95e93b89c435bf5933ec1e98eeab3c6e4ec6409b98d1cdde6ec2856
SSDEEP

768:LX7kJfhXu2TTTTgZGsjlzr2oLGWRlYSTRsx7/WvArv14MdVKMQeBQSW:LgJ1TTTcoMCemCIeKv/dV/QeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
222aa9062cebf6536d466c76c36dc4ba_JaffaCakes118

Files

222aa9062cebf6536d466c76c36dc4ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e13b288cce228ef51be9535931f9b7ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf
memset
time
_exit
_XcptFilter
exit
_acmdln
__getmainargs
strcat
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
free
memcpy
??2@YAPAXI@Z
strstr
atoi
_except_handler3
strcmp
strlen
malloc
_initterm
strcpy

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
FindResourceA
SizeofResource
LoadResource
LockResource
GetTickCount
Sleep
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ