7689fd33c4424c3cb9d274ac47428777_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7689fd33c4424c3cb9d274ac47428777_JaffaCakes118
Size

13KB
MD5

7689fd33c4424c3cb9d274ac47428777
SHA1

f65d88da0d87cdc1921560e52beef56bd2944e1d
SHA256

96584b9a6706f87100a68d2118c426f2e596e248f0cd202f7b90d6fbe947b968
SHA512

17735c9892ef9cca8bc56f38c1acd7e986d992df61b3e008fb55546f56fb9f783fef8ceb0349c614f2ec04e93808102742d56e931bca7874ddadfa2af8b6a18a
SSDEEP

384:8PiYPFyNHJJgQ/VxoJuHDqXzT9mwoo+gl3:8PrM3JnXoJkyzhmwoo+gl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7689fd33c4424c3cb9d274ac47428777_JaffaCakes118

Files

7689fd33c4424c3cb9d274ac47428777_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9c82891024cf6f6d1ba50c015150567

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strncpy
strstr
sprintf
RtlRandom
atoi
strncmp
memset
_chkstk

iphlpapi

GetAdaptersInfo

kernel32

GetModuleHandleA
TerminateProcess
VirtualFree
CreateFileA
Sleep
GetCurrentProcess
CloseHandle
VirtualAlloc
GetProcAddress
GetLastError
ReadFile
GetSystemDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
GetTimeZoneInformation
SetFilePointer
SetCurrentDirectoryA
WriteFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ