9ff48877c573d0a645fe26c36e0db2f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ff48877c573d0a645fe26c36e0db2f4_JaffaCakes118
Size

74KB
MD5

9ff48877c573d0a645fe26c36e0db2f4
SHA1

8f97e197b8d92cb082f1c16938360a7efc901bf1
SHA256

042ad112678c8747d0e98449ebde10be317147ddc7302235d1963a38ec91971e
SHA512

19a2add3a048958a6e15c5ff25811ef30833124dd4640ac5d9aa2886da52746e297edab9c87148b45ebde2f31288dd0f16e2e0d129c30cfb0038784d7d3bbcfb
SSDEEP

1536:fPXywFEn40fAzWoeMw5neaDX9JbV53Zc3xpEfD34YR+IiL:3ywa40fAzbODlFZcsDR+xL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ff48877c573d0a645fe26c36e0db2f4_JaffaCakes118

Files

9ff48877c573d0a645fe26c36e0db2f4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae4bb7829b49ee5ab914d4fb4d72b14b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fclose
malloc
fwrite
fputs
__p__commode
fprintf
strlen
__set_app_type
_exit
_XcptFilter
free
memcpy
calloc
_adjust_fdiv
_initterm
_acmdln
exit
__getmainargs
_onexit
fopen
sin
__setusermatherr
strcmp
_except_handler3

user32

GetDesktopWindow

kernel32

GetStartupInfoA
GetModuleHandleW

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ