2323344218a9b1e9fddc2d142519add1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2323344218a9b1e9fddc2d142519add1_JaffaCakes118
Size

94KB
MD5

2323344218a9b1e9fddc2d142519add1
SHA1

c0894c6af1599aa9eedbb98519be8c984d97609b
SHA256

0f1019b6a6a01410cc8baf9035a4f3d81c810f532286d5994b461f60f5087101
SHA512

64234a4b364a7aae03ba68acc4127139491a481d7f967a93f37154af31f524066093abca40d4dbb2ac3bac5adb70bfa18fa3343bd569f53cb68777b5c9c24eca
SSDEEP

1536:flPW5ARsmzsbK8KQhn+0zbgxMkjROZA7sl6iuNhjDYsKE7jwaaHw7Koj4r41meg:c8sSsbsQDvdWOesQBusjwaaHw7Koj4rt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2323344218a9b1e9fddc2d142519add1_JaffaCakes118

Files

2323344218a9b1e9fddc2d142519add1_JaffaCakes118
.exe windows:65535 windows x86 arch:x86

ab74953288f012165ba503719d6b759e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetCommModemStatus
GetFirmwareEnvironmentVariableA
ExitProcess

msvcrt

__p__commode
_except_handler3
__set_app_type
__p__fmode
__setusermatherr
_adjust_fdiv

Sections

.text1
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ