4709cca55b44bb9e13ce4c1126fde259_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4709cca55b44bb9e13ce4c1126fde259_JaffaCakes118
Size

30KB
MD5

4709cca55b44bb9e13ce4c1126fde259
SHA1

5191451aa890d874ec421adc7b1fa81983b0ee87
SHA256

3f1625333aebd832c0e4500bf2f65667959d31df6990505a4c5fc954f9472042
SHA512

ff52e8aaeec02519ca96ccb67c7e70cb57389fcb52556a1473fca686ada50c1d28699b24d4da92fd2160df56c2c5c97c47fc310a9ed0d5c487872c88550823a2
SSDEEP

768:TovGIlGg7z3eHFWAYI3b063uG9LdWqiQ9u3:8F0gfuHUgVdNiQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4709cca55b44bb9e13ce4c1126fde259_JaffaCakes118

Files

4709cca55b44bb9e13ce4c1126fde259_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19444855ef0d0f9d35b0eef45e1baf94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCPInfo

msvcrt

memset
abs
memcpy
ftell
wcsncmp
rand
_snwprintf
_wctime
__p__commode
atoi
_vsnwprintf
_getcwd
tolower
_pctype
_wcsnicmp
strspn
strncat
strrchr

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ