495c24e37ca483de573245ebb1bc7957_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

495c24e37ca483de573245ebb1bc7957_JaffaCakes118
Size

146KB
MD5

495c24e37ca483de573245ebb1bc7957
SHA1

12082bd392c8885d24c97e831333c7700cca7f25
SHA256

0291b3c0fde362e67193ab0101ade08118a2b72f6d1da3781aa2e030770fc447
SHA512

4744170cf9ecfdc3b48d912dda9bd948e8da3d5bde4e959650f7d7b56ba4a61b4d55cf8e812674bfd1b9fd69c5d8e7ad43c64b08e571d900deef7912cd34dc74
SSDEEP

1536:RLEb5Sp+OKO/iSjIgHvDB0ikjRvCY2UbRP6JLfiRt3BJuss3T27yO+AfqgMrBHeL:GSpaO/ifgPDKUY2Ud8L6Rt3o3oyOvCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
495c24e37ca483de573245ebb1bc7957_JaffaCakes118

Files

495c24e37ca483de573245ebb1bc7957_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1c4250421e9e632bce27465aa43f1d43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
_adjust_fdiv
_ultow
__setusermatherr
__p__fmode
memcpy
_vscwprintf
_flushall
_initterm
iswalnum
vfprintf
_acmdln
_ismbcalnum
wcsncmp
fgetpos
fwscanf
_XcptFilter
_ismbbalpha
_mbctoupper
_wgetenv
_wexecvp
_controlfp
_except_handler3
__getmainargs
_wfullpath
isdigit
__p__commode
_fcloseall
_wasctime
__set_app_type
_mbctype
_snprintf
_rotl
_mbsnbcat
_mbscat
exit
_mbsnset
fputwc

kernel32

TerminateThread
GetModuleHandleA
SetLastError
GetStartupInfoA
GetVersion
GlobalAddAtomA
lstrlenA
SearchPathA
IsDebuggerPresent
lstrcmpA
InterlockedExchange
WriteFile
GetModuleFileNameA
GetTimeFormatA
FindResourceA
SetHandleCount
GetFileAttributesA
EnterCriticalSection
WriteConsoleA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ