3d626f1cb6fcef93c78255f860e36548_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d626f1cb6fcef93c78255f860e36548_JaffaCakes118
Size

52KB
MD5

3d626f1cb6fcef93c78255f860e36548
SHA1

768c552dfc10eef79fe08dff6861c7286af885c9
SHA256

1bf3d139e1172fa6f9b49d800c748c5bd0bf5a433885ee272033d18dbd96546f
SHA512

5092726db168db3ac88bf39e2ca1f74eddfec62177324a9fe68b59527075f4790d1f377e92d3ae1c4aa3e7e56d2806dc244e10ad89537c25f3a723d490abe8be
SSDEEP

384:nV9EU+CadSX3+MXo9NkiCptf8gdJ+GkepS+kYCA5hfxx3do:V/OYXuMSkiCjf8FGoifxx3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d626f1cb6fcef93c78255f860e36548_JaffaCakes118

Files

3d626f1cb6fcef93c78255f860e36548_JaffaCakes118
.exe windows:1 windows x86 arch:x86

394a515fc93d8f0f904c9e8239703267

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTempPathA
GetTickCount
RtlUnwind

crtdll

__GetMainArgs
atol
exit
fclose
fgets
fopen
fputs
fseek
ftell
getc
memmove
printf
putc
raise
rand
signal
sprintf
srand
strcat
strcmp
strcpy
strlen
strncpy
system

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 294KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 822B - Virtual size: 822B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 924B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE