311e92bfdd64692eb495ba693e2f0752_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

311e92bfdd64692eb495ba693e2f0752_JaffaCakes118
Size

598KB
MD5

311e92bfdd64692eb495ba693e2f0752
SHA1

3fa2fee23a5409882944bc5dfdc04715894010ac
SHA256

12157e3fec8c476af45cdbd04f9e1387078f552fd3902602ef828a92740e9013
SHA512

46e9693f4fe6ea64914e2f00801a886f10c692758a948058481d79e72bdcab8b6289c450cdd005dd28de359e60f20ac82a308628a3dc5dfedf079adc365c20a6
SSDEEP

6144:81Gqz/DXRu66f1MhqqxvMv6j7u2t2Nitqvfk7t7TvPDbe+MPhfHabbXh5SSHQ8t0:8H/1ueqqevIKCYvfkZv3DM5UR5oS2dbz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311e92bfdd64692eb495ba693e2f0752_JaffaCakes118

Files

311e92bfdd64692eb495ba693e2f0752_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0d4d888365525da27840d92b16e9939

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_acmdln
__set_app_type
_controlfp
_except_handler3
exit
_XcptFilter
_cexit
_exit
__p__fmode
_c_exit

kernel32

GetModuleHandleA
GetStartupInfoA

hypertrm

MessageLoop
InitInstance

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ