258784d95d032721a85062e5454f53ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

258784d95d032721a85062e5454f53ad_JaffaCakes118
Size

41KB
MD5

258784d95d032721a85062e5454f53ad
SHA1

9b1fef72ca18894c83ab88085fe50578d4217cb3
SHA256

618387dbc9877df20bdf0d30966863f4e6a24e81b90c1bae3cfa837dbbbdf609
SHA512

3c3de6eb2c84f0f86cb633fbf633d1a769d95128220c3f21db8a6c131db28db5153a86e432c3e7b8152727a3b742fdf8f79c4792613d9dd6d8464c6a9310f14f
SSDEEP

768:A1DeXABDPk5g1Hy2Cb7Ihw9ZYOTX+KnD4lRd9t/nTfc14:A1a5ghg/9ZYOTuK0nbpQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
258784d95d032721a85062e5454f53ad_JaffaCakes118

Files

258784d95d032721a85062e5454f53ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17a2446bacd595182f178ac0a4964c7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
sprintf
getenv
memset
_exit
_XcptFilter
exit
_acmdln
__getmainargs
??2@YAPAXI@Z
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
atoi
_except_handler3
_ftime
strlen
_initterm
srand

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
Sleep
GetStartupInfoA

user32

DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DefWindowProcA
PostQuitMessage

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ