4b29e34c3f2234ea63da42941025821e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b29e34c3f2234ea63da42941025821e_JaffaCakes118
Size

149KB
MD5

4b29e34c3f2234ea63da42941025821e
SHA1

b4e200f4660a7db2e36646d1280fcbe558f34f1e
SHA256

51ddd9f52b5074e67570b5c9f52a40efabc90836f7f2f0becd4118bbbd8c41bc
SHA512

ecc999e8544dc968204a32b831954b591578bf2230c15229100423a1dc5b6aa9ad7f719561c98932c3cf7a7fa5a3a455248a53aaa76be003af84d7299fe61145
SSDEEP

3072:PdqG76IrZNMRFryjnTbE5Y7ne3F++O/05068jHY7j+12NlG:Vq86IrZNAFryjnTw5Yy0+0R68jHY21Sk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b29e34c3f2234ea63da42941025821e_JaffaCakes118

Files

4b29e34c3f2234ea63da42941025821e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15e2f3b2a28a16cf2ea9ae7ef687fc3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
ExitProcess
CloseHandle
lstrlenA
lstrcpyA
GetLastError
SetLastError
lstrcmpA
SetFilePointer
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcmpiA
FreeLibrary

user32

wsprintfA

msvcrt

_strrev
_except_handler3
realloc
malloc
strtok
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
strstr
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strchr
_strnset

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ