599c24884d2075aa5fe6803dd3f1d8fe_JaffaCakes118 | Triage

Sharing

General

Target

599c24884d2075aa5fe6803dd3f1d8fe_JaffaCakes118
Size

83KB
MD5

599c24884d2075aa5fe6803dd3f1d8fe
SHA1

aef86df88688901ed745026cf519b4e1b5488ad1
SHA256

76f1abf7a0e74dd985095dbde4e02b2c2bc6dcd24e25f0089000cdca0520f876
SHA512

97ab6f847b9ad1377a34c1c59f556a847513879ea7e7adb72b8debacf24f6f7df6dd540cbb2a2c32c38fce0edbfad6b8f9d208da01cb5e8ce48b6e881bd5e684
SSDEEP

1536:+5xGTPjvWpU08U51qZEDxvX5Q7pLk8nLzk0MLjKT:K8TbWpF1NxvX6tk8nLzkbC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
599c24884d2075aa5fe6803dd3f1d8fe_JaffaCakes118

Files

599c24884d2075aa5fe6803dd3f1d8fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d6c57030b91e259c2117c70ea51ee10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_onexit
malloc
fwrite
_except_handler3
__set_app_type
fclose
_acmdln
exit
_XcptFilter
__setusermatherr
_exit
strlen
_adjust_fdiv
fseek
_initterm
sin
strcmp
fopen
printf
__getmainargs
fread

kernel32

GetModuleHandleW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ