87666ce5bd14cedc012b233a3894f886_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87666ce5bd14cedc012b233a3894f886_JaffaCakes118
Size

182KB
MD5

87666ce5bd14cedc012b233a3894f886
SHA1

b24729aa4a668a220354fc8339d7efdaf7ee1747
SHA256

24a298f7c975cc141c9d07e3e65c988cfb8445020ea48afc21ca1fe9660af5e1
SHA512

99f0ca376cf8b8064c1c48a2a3f5522c0f708fd5b10993a8da89ed1d5c7026858bf1198203e8a2cb8364bc82d17c7b057b9b7e51d795d57920bc31fc05a679bc
SSDEEP

3072:/M4ZKe34isB+1PNFfvPV1bB3QJ5o5nyShMvmQnnt96EqdXE9TbiVMZ4KEJjtSGIz:LDsCT7qJ5o5nHMTD4Eh+OPE94cwPPg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87666ce5bd14cedc012b233a3894f886_JaffaCakes118

Files

87666ce5bd14cedc012b233a3894f886_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f81344216faab6be5304898e778a829c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesW
EnumCalendarInfoA
RtlZeroMemory
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE