47abd843ad133763c2d3200122d1f9e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47abd843ad133763c2d3200122d1f9e9_JaffaCakes118
Size

289KB
MD5

47abd843ad133763c2d3200122d1f9e9
SHA1

2a449f8ceb0af5d722b89537297bad4205cf1887
SHA256

57d3ecfa8d4d83a92f5815fb2d6106d5c01dc542fa99a80e323501db90815229
SHA512

525d51033e75b9762c49904a8b7c3af9b7fbf97f770d11278a969b8bb7fcfa492b8a7668feb6a43fc73b087353f6f818ba74df781d17a9f04ff6ea44b999011e
SSDEEP

6144:V0IxaVc/k7o0f42Q6SZJCz+TtgEO+MdYhGTWqt:V0IxaVBnE7lhfOuGJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47abd843ad133763c2d3200122d1f9e9_JaffaCakes118

Files

47abd843ad133763c2d3200122d1f9e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdf315a0a10f2975bdec0f493bf9d6c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
signal

user32

MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 96B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE