44050209552ef53fb9966b1286cd2e6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44050209552ef53fb9966b1286cd2e6e_JaffaCakes118
Size

84KB
MD5

44050209552ef53fb9966b1286cd2e6e
SHA1

1e4f7a6ba907574953a5bf5f5c65bd7f7b059e71
SHA256

ba5a40e9691bea14f0747cd041c0ffb4bacc8021721728e312bd5b49316af3b2
SHA512

39084adcfd3d1e6588edc6b266b0a86994c4fa11db7875a85a61bbfa55a0b26c9f1f22763531912ce914014d6351c4416de7b9344058b1e12891fb5de3938372
SSDEEP

768:0b0pmRSZQX0UzphbmqakMCnBFTLfnLBxcQ+x3oVFrb59z8Lm6t+moB39wZ0zJSD5:0q5ZQXZhbPamFPz8LMhNiQ81QL43yPU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44050209552ef53fb9966b1286cd2e6e_JaffaCakes118

Files

44050209552ef53fb9966b1286cd2e6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ceb8e6232cd99b6b20160b4be0400ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fwrite
_XcptFilter
cos
fputs
atoi
strcmp
__getmainargs
_adjust_fdiv
_acmdln
__p__fmode
fclose
_exit
malloc
fopen
exit
_except_handler3
_strnicmp
__setusermatherr
free
_initterm
__p__commode
getenv

kernel32

GetModuleHandleW
GetStartupInfoA
VirtualProtect

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ