282a5749978ea3a4809e408428839184_JaffaCakes118 | Triage

Sharing

General

Target

282a5749978ea3a4809e408428839184_JaffaCakes118
Size

15KB
MD5

282a5749978ea3a4809e408428839184
SHA1

89413c435d53656d17137358eb2f1afc99777bad
SHA256

0eb88e3e69399d9b6d14c0ed77ff66e0a9e05da01d98744ab01d38487ab78ae3
SHA512

137a521328829cd794195af30c26f718ebcecfb340ee9092dec294779494853e5725e56c160712181085b3d95507e66db7d26119470fcd51f284a73a9fc326b3
SSDEEP

192:pd/oFYb9vNFGr/64DjtrlI4P4U79g9wQ18Q/nIczCgEC1UJfPSf2s1VMm91Qv:pd/oK8CMjtBIBU7vQ18NczDWJXS+QMmq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
282a5749978ea3a4809e408428839184_JaffaCakes118

Files

282a5749978ea3a4809e408428839184_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a671aadbb9f3a3606dac69fc47e08e8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CloseHandle
GetTimeFormatA
GlobalFix
Heap32Next
HeapCompact
GetVersion

msvcrt

atoi
strlen
acos
memcpy
memcmp
strstr
strcpy

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE