8719f94438d89ff92d34447d33923504_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8719f94438d89ff92d34447d33923504_JaffaCakes118
Size

107KB
MD5

8719f94438d89ff92d34447d33923504
SHA1

137b51713496226b841352edd7ea0ebe29d735ee
SHA256

802bad4a8b8d1bd7d3818da28c21a7406bb23806577f49c0739a72b5ab10f413
SHA512

9f990299fb21821a912b07217f3ae42ab1d6a170dcead40f203a366c8862e13380893c8b7824ca6f4742a89006076f9dc2053484779d62f91ff6b5894eb210af
SSDEEP

3072:6d1FWz7XKBIH8f5G8XRYnKAGgc1mTlHeWghk7CM7:6FWn9HKRRgNmhk7CM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8719f94438d89ff92d34447d33923504_JaffaCakes118

Files

8719f94438d89ff92d34447d33923504_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3c1690902b9efc6dd489276e1f23d6c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
RtlUnwind

crtdll

__GetMainArgs
exit
fclose
feof
fgetc
fopen
fputc
fseek
raise
signal
strcat
strchr

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 596B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 692B - Virtual size: 692B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE