4dec0c6293c8a45e7dfe1e4cf29f945d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dec0c6293c8a45e7dfe1e4cf29f945d_JaffaCakes118
Size

40KB
MD5

4dec0c6293c8a45e7dfe1e4cf29f945d
SHA1

19a9f5f9fadf3b2f728bcf7b9ca0136f2d3f736c
SHA256

839a2676eb481c9da4255f9fc83b133f1202d70f491842a22cc7e0b437addb00
SHA512

bf92070a1e4b8d767c65f3393beb0cbf9955f0f89adf753c1cca62fb12f69be68e8755b9c827f0b249d436d558509009e3b50e9fce895f69542ae71fae3f7cb3
SSDEEP

768:0qvEJqfQwm9va3xODaK9FW4taPk9dJEIagv8jdkNNBDQIDBR:71m9C3xWaKnWHadyhk8gV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dec0c6293c8a45e7dfe1e4cf29f945d_JaffaCakes118

Files

4dec0c6293c8a45e7dfe1e4cf29f945d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db5368f16fc036edb0ea87f29001684a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
memcmp
_umask
??2@YAPAXI@Z
_spawnl
_stat64

kernel32

GetSystemInfo
GetVersion
GlobalAlloc
GetNextVDMCommand
GetDriveTypeA
GetStdHandle

Sections

.text
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE