3da4c9e939525c8ce5609618c63da5b1_JaffaCakes118 | Triage

Sharing

General

Target

3da4c9e939525c8ce5609618c63da5b1_JaffaCakes118
Size

82KB
MD5

3da4c9e939525c8ce5609618c63da5b1
SHA1

1c8ed231aa92b85d6276c9998bf29204e6ec9415
SHA256

dd3e5c2a33391593420710668d3fde08fd699aa0c0f4d7601a87394c86e1f58b
SHA512

6c8cc801af1f81c02e192ac081078ad6ca6c252194bf44778a38211184333efaadc70ffe3b7b0a231de209f2f685d9f4b73418770624c52e51bf645391d5a18e
SSDEEP

1536:PewamcRW4nWFpTQPHagIZi9yWwRJLeANTFikHyLUi5r17iEfK9tzMXDOC:PcA4nEyAoyRJL1NTFpyLUQJ78eOC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da4c9e939525c8ce5609618c63da5b1_JaffaCakes118

Files

3da4c9e939525c8ce5609618c63da5b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af39a895d5b6a32c50333811fa9d03c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
fclose
strlen
_initterm
_adjust_fdiv
strcmp
_acmdln
strchr
__setusermatherr
_except_handler3
_exit
__p__commode
malloc
sin
fprintf
fopen
_onexit
calloc
exit
__set_app_type
_XcptFilter
fwrite
__getmainargs

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eskhtws
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE