5e23d8b667c1aea67d93819c15da872c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e23d8b667c1aea67d93819c15da872c_JaffaCakes118
Size

59KB
MD5

5e23d8b667c1aea67d93819c15da872c
SHA1

e1b55528deb7addca56458886b0fa5baf8c9fc4f
SHA256

fbec950ecc37c463c924b2890bd1c053e7c572b169f51a723d4789fab05c3fb1
SHA512

84899dc431473d5e14641ba1aae20921e4f4dde703c0cf5b6b9365dd4a1a145823d93c429f61b5034794fb10db10a9a2bd02c645a8d8934f5c29cc811c894d23
SSDEEP

1536:sNSAoXJZXX5PMREg9W8upGYuVaA+fkILYOU:w4J9X5PMRzg81Yu3+MIcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e23d8b667c1aea67d93819c15da872c_JaffaCakes118

Files

5e23d8b667c1aea67d93819c15da872c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f818c9e1378669a176110e91bb0c04e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateMutexA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
ReadFile
RtlUnwind
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx

msvcrt

__getmainargs
__p__commode
__p__fmode
_except_handler3
_exit
fprintf
rand
vswprintf

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ