4daf719226af28c92c926ba893df4c00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4daf719226af28c92c926ba893df4c00_JaffaCakes118
Size

149KB
MD5

4daf719226af28c92c926ba893df4c00
SHA1

e80cc0c863b8a2f418d37c14292784f076ed53e1
SHA256

a793d6b90ae0ab60845d9ebc0939f854c335ae776c83069f6464f7af20b25564
SHA512

3767083359fa1dd60f9bfb0123a095f3f42dbbb993274444d664e5f10190ab065022c231fd34ba63ee1509a6bd7b81d45e01da87ebbf4c527f2bedb92acc589b
SSDEEP

3072:hrBEj4sNfzPxn1LEHsaqb67S3C3kibNs4lrA9lc:hre8shpJajG3Xs64lE9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4daf719226af28c92c926ba893df4c00_JaffaCakes118

Files

4daf719226af28c92c926ba893df4c00_JaffaCakes118
.exe windows:1 windows x86 arch:x86

bf2ea68d2de4d23f16a54f27060839e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbscoll
_creat
exit
_stati64
wcscat
_gcvt
_controlfp
_acmdln
__setusermatherr
_tzset
__set_app_type
wcsncmp
_adj_fdivr_m32i
_XcptFilter
_fcloseall
_stricmp
_putwch
_mbsicmp
_getche
printf
_mbctohira
putc
_adjust_fdiv
memcpy
_iob
_exit
asctime
__p__commode
_vscprintf
iswalpha
__p__fmode
_initterm
_except_handler3
_wfsopen
_wspawnlpe
__getmainargs
_snwscanf
vfwprintf

kernel32

lstrlenA
WriteConsoleA
GetCommandLineW
FindFirstFileA
GetVersion
UnmapViewOfFile
ExitProcess
InterlockedExchange
FreeLibrary
GetThreadContext
GetModuleFileNameA
GetFileTime
LockResource
GetStartupInfoA
FlushFileBuffers
GetModuleHandleA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ