896492e787373f049118c0115da30972_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

896492e787373f049118c0115da30972_JaffaCakes118
Size

110KB
MD5

896492e787373f049118c0115da30972
SHA1

cd6da8879ac075401c13ee2e3cfce20c8c832d17
SHA256

7b778bededd4c10c0562fef1a53ea5844574c7d062055315e75eebe3e33af8e8
SHA512

53d1832f0a0bd4b435bc5d63f68e789351311d44917c8ec28ee2cfeaeedde7dd010f1a3da1ca6dadc173aed0d6c680f083bdd5035842d902a24f6b4800c9ca7f
SSDEEP

1536:0lRnkgc3ymvNR2YA4vdfSpaizkbcRSkV5PjiJXY7C7/dy+b/UOXxRgKQ0yGkPa:0lRnXcbVRdAgSobcRdV9IYAb5Xx/Q04a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
896492e787373f049118c0115da30972_JaffaCakes118

Files

896492e787373f049118c0115da30972_JaffaCakes118
.exe windows:4 windows x86 arch:x86

827bbf30b51c4417484e6afeb09a1136

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??1type_info@@UAE@XZ
??3@YAXPAX@Z
__CxxFrameHandler

kernel32

FindResourceA
GetProcessHeap
HeapAlloc
_lclose
_hwrite
_lcreat
GetTempPathA
SizeofResource
LockResource
LoadResource
GetCommandLineA
ExitProcess
GetModuleHandleA
GetStartupInfoA

shell32

ShellExecuteA

Sections

.rdata
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ