5e8b49a88164ba5474e7ec802448ee12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e8b49a88164ba5474e7ec802448ee12_JaffaCakes118
Size

15KB
MD5

5e8b49a88164ba5474e7ec802448ee12
SHA1

65c53fa9fad685a6f404a6db684ce48a3a5d150c
SHA256

a6703bccf8e552aa7022ae005ecef61adcc26cdef7d82cf351008a92cdf70cda
SHA512

356b6557d4ee9ae74791a2d5644bab105adc7c8304bd5d449f75700ed2c4f0c5eb38945cfe37b9861d70cece9dcadf376fc9a134b8efa8f7a62a5a9184d51a36
SSDEEP

384:FssBtcx1bEXpiEfQF3UYioAb+F9crKxHj7YuW/zPC:FN2bWpiEfQOYifqFWrKxHj7Yuaz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e8b49a88164ba5474e7ec802448ee12_JaffaCakes118

Files

5e8b49a88164ba5474e7ec802448ee12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2972c372fdb0054807bac9dbba3065e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetExitCodeThread
WaitForSingleObject
GetProcAddress
GetModuleHandleA
CreateProcessA
SetLastError
GetCurrentProcessId
SleepEx
GetLastError
FindFirstFileA
FindClose
GetVersionExA
GetEnvironmentVariableA
Sleep
LoadLibraryA
CreateFileA
WriteFile
DeleteFileA
lstrcpynA
GetStartupInfoA

msvcrt

strcmp
_snprintf
strcpy
calloc
malloc
memset
_isctype
__mb_cur_max
strchr
printf
atoi
free
_vsnprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strncpy
memcpy
strstr
strlen
_pctype
_stricmp

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE