77cb2a5c2f983451ec584eb1af7f394e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77cb2a5c2f983451ec584eb1af7f394e_JaffaCakes118
Size

368KB
MD5

77cb2a5c2f983451ec584eb1af7f394e
SHA1

6154ef9348f79364a053aa433a69e245a33ef4c2
SHA256

67234547f06a7f6a8967fd9ab5282dfa35ee9eec2aaf2a23b9b0cdff5f77c0b8
SHA512

71d354d270a46e4817459f3a0ac2ccf46040f032c308aeb016201ad6823ec130881f558ecd96b2da4c12d228c46328dabe8fb79465f4114233a061f6962ce32a
SSDEEP

6144:7LC6v7C0VzNmyS7L3aps7NyZXNgDy5jEllQFNDn8dTgYkNnLMrNM7p:/C6v79BTS/V7NSNgW5jElK7IMdLR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77cb2a5c2f983451ec584eb1af7f394e_JaffaCakes118

Files

77cb2a5c2f983451ec584eb1af7f394e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d341eb96abf42a7753f217db7b84e6d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetCurrentThread
GetTickCount
GetVersion
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GetLastError
GetCommandLineA
ExitProcess
VirtualAlloc
GetStartupInfoA

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_strcmpi

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

esmoa
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

msaswiu
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

useii
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE