Static task: static1
Behavioral task: behavioral1
  Sample: 233aa6bd1a3778f198a50ff8029899d1_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 233aa6bd1a3778f198a50ff8029899d1_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 233aa6bd1a3778f198a50ff8029899d1_JaffaCakes118
Size: 62KB
MD5: 233aa6bd1a3778f198a50ff8029899d1
SHA1: bca3c50147490087b58c4b58584c1f78a40a9519
SHA256: 90743f5bbca5a489da8355199fd7dad25d889c9c66612bdd45c506ee8e72f9be
SHA512: 9ec8c791a4129a93fbf39337371185c62394b0a10bdb5c57107b7ffe79ee339a6fde2c2e4c20f1a00c1a807200b92f6f984bfa8e9de7ce364567be5a706ac850
SSDEEP: 768:ALhUPkM3Mn0NLBqUzCCTCDIdO/6ipg/Uixzq2ClgXRH6sKffxdl8W0JJdo9ZMdO1:7J3M0gCTuIsCSnJehH6sKh/8xJJdo9l1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 233aa6bd1a3778f198a50ff8029899d1_JaffaCakes118
Files
233aa6bd1a3778f198a50ff8029899d1_JaffaCakes118.exe windows:4 windows x86 arch:x86
e034be6902f6f0d97730d3282c815714
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
AddAtomA
GetTempFileNameA
GetEnvironmentVariableA
CloseHandle
GetFileSize
CreateFileA
GetModuleFileNameA
GetModuleHandleA
HeapAlloc
GetProcessHeap
GetStartupInfoA
msvcrt
time
fclose
fread
fopen
fwrite
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
Sections
.text Size: 975B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 793B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 177B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE