4c044fa7ac05241738ae856d01bcf070_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c044fa7ac05241738ae856d01bcf070_JaffaCakes118
Size

69KB
MD5

4c044fa7ac05241738ae856d01bcf070
SHA1

3e3ab19e7e10cca4ec1d2a9da79b8b0ef5a91606
SHA256

a1376e8b0d11e98baa844fc5d9f9a7cd05025dc5feb8d112b1302682e80ff864
SHA512

f31857771cfe2cb63e1c811a3fd02a1358b21f71401c20afb8e8f18690e6b0e7eae14ac1bc3e5a5a0c6c41a64618d75bd64c20a3d54415b5825ed5fc999d2d8d
SSDEEP

1536:/+SptGcGKNOVYAyBwlb4NYTKxcv/5ySJdyHS2A:/+YtGcGgOVEw1oqV/5y4dyHS2A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c044fa7ac05241738ae856d01bcf070_JaffaCakes118

Files

4c044fa7ac05241738ae856d01bcf070_JaffaCakes118
.exe windows:5 windows x86 arch:x86

252a8fab39f4f6855fe1bb2fd65c43a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
__p__fmode
_XcptFilter
__setusermatherr
exit
_onexit
_adjust_fdiv
_setmode
fwrite
fflush
strlen
strncpy
_except_handler3
memmove
_exit
strcmp
sin
_acmdln
__p__commode
malloc
fclose
__getmainargs
fprintf
free
__set_app_type
fopen

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ