5ad9d2b6468ef813c68eea4caf87fca1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ad9d2b6468ef813c68eea4caf87fca1_JaffaCakes118
Size

40KB
MD5

5ad9d2b6468ef813c68eea4caf87fca1
SHA1

035c30c8cf9c9eb66f6bd14bb62c4baa5d85d25f
SHA256

e2960a975ae8d6b06c0d12f8f4505692345984cc415c1a8e743c80750e4e1075
SHA512

87f3807e722603486ffa2d6e86b52692392f0675b5c10166da145c6051ee5007a0905a6ae317a3ad4a4a3e368edacf0059e56496770ec6bf1da4c490187685c2
SSDEEP

768:2X0TT0Dsrp4zC7e/bubTygC3+J6i315Xi3C5zMrdzTc41h8dqx636:G0EYKse/qbTygOmDUC5zOhc4u8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ad9d2b6468ef813c68eea4caf87fca1_JaffaCakes118

Files

5ad9d2b6468ef813c68eea4caf87fca1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b6777b75ab5a49f2faa4d1038b424a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateMutexA
EnumResourceLanguagesA
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
RtlUnwind
TlsAlloc
VirtualAlloc
VirtualAllocEx
VirtualFreeEx
lstrcmpA
lstrlenA

msvcrt

_XcptFilter
__getmainargs
__p__commode
__set_app_type
_except_handler3
fprintf
free
fwprintf
srand
wcscat

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ