63e5fbd5984d2a5f06e0991bfa971725_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63e5fbd5984d2a5f06e0991bfa971725_JaffaCakes118
Size

48KB
MD5

63e5fbd5984d2a5f06e0991bfa971725
SHA1

293f6cc7ee0a6c8dd67dbfb701f65f43f3b2c63a
SHA256

397e21937e28a5550e29e1b43007eb9182f968c0d437b67380597948451fba03
SHA512

cb7632892abee6270d20edd9abbebad003212cbb412fc684446f607fa067720fb6ecc6349228bf926659264dc76f7d76fecd17896130d4b8042ecd30bbc21ce2
SSDEEP

768:RDUUnXiQdcnbA4cEIjy0or2Lbg5FXp65XA6DM+B4E2fDXcd8K:DXbCM41IMtpKMHbcd8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e5fbd5984d2a5f06e0991bfa971725_JaffaCakes118

Files

63e5fbd5984d2a5f06e0991bfa971725_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b862bcdfd5f35c34bd40a999dae9de30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
VirtualAlloc
VirtualFree

msvcrt

__p__fmode
exit
fwprintf
isdigit
srand
strspn
wcscpy

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeSecurity
CoTaskMemFree
StringFromCLSID
CoCreateGuid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ