94ca879a3d562192f9be6ec349592887_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94ca879a3d562192f9be6ec349592887_JaffaCakes118
Size

31KB
MD5

94ca879a3d562192f9be6ec349592887
SHA1

6dd6fd5dbdc386f322a0ad425ca4dd80ed522c88
SHA256

5d0becc48207eda5f7f71e218d306dee01c875bd2e4da3242e737c6b5ee6a179
SHA512

4a35a371b6b3943280917bc73edabd2aa56e2e1418e8c66504101dc084ad6baba975e2d55875923f3557a5570b6c8e065bab7e5d66736488321aaccb83621712
SSDEEP

768:Gg5clp5+9KmhWT3Kf3pAj5RfeZNZpuJscc3MWr+xgx665eCM6xcIEybdgfLsXzrn:GG1DDm8i0ewA0ALAdnp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ca879a3d562192f9be6ec349592887_JaffaCakes118

Files

94ca879a3d562192f9be6ec349592887_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fe3b55d50f809c958a3fb35bd63b768

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr71

__CxxFrameHandler
??_V@YAXPAX@Z
strchr
strstr
srand
exit
strtok
strncpy
_snprintf
atoi
__dllonexit
_onexit
_c_exit
memcpy
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
??1type_info@@UAE@XZ
_CxxThrowException
strcat
sprintf
rand
strcmp
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
??_U@YAPAXI@Z
strcpy
_vsnprintf
strlen
_exit
_except_handler3
?terminate@@YAXXZ

oleaut32

VariantInit
SysAllocString
VariantClear

kernel32

ExpandEnvironmentStringsA
ExitProcess
GetModuleHandleA
GetProcAddress
Sleep
GetTickCount
LoadLibraryA
GetStartupInfoA
LocalFree
lstrcmpiA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE