47132279855039840db68b491148a208_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47132279855039840db68b491148a208_JaffaCakes118
Size

209KB
MD5

47132279855039840db68b491148a208
SHA1

e7185f730d571f3395dce7a6aabd1b5ec93f1133
SHA256

79e3855d68bb7c63ec40ed5d65dfbc3604b273872be82c3867cc352beb51550d
SHA512

06a4a53036d2d90e95a8d0d47d7c347b27426899111c3479a97524f826f59aba740ab8249961a8e20cf6cc26398b7782eaefbc993e9b0480513fa8423c6cfa89
SSDEEP

3072:eiv6oEgQiPmsRcEgpICcl7wy27Js6KpQXQzPGHeoNj1ie:kFg5RcEgpI9N27CjSALI96e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47132279855039840db68b491148a208_JaffaCakes118

Files

47132279855039840db68b491148a208_JaffaCakes118
.exe windows:1 windows x86 arch:x86

cac9d4d27304a6a20d5bb5909681bc0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
FreeEnvironmentStringsA
HeapCreate
WaitForSingleObject
SetEndOfFile
GetModuleHandleA
SetPriorityClass
LoadLibraryW
IsBadStringPtrA
SetThreadAffinityMask
GetStartupInfoA

msvcrt

__set_app_type
_adjust_fdiv
__getmainargs
_except_handler3
_XcptFilter
_filelengthi64
__p__commode
_adj_fdiv_r
_acmdln
_ismbcdigit
__p__fmode
fputwc
_putenv
memcpy
_filbuf
_wspawnl
iscntrl
_execvp
_initterm
_exit
_controlfp
exit
__setusermatherr
_strnicoll

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ