a80ef49af0369bc248ec7417e5bbdcdd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a80ef49af0369bc248ec7417e5bbdcdd_JaffaCakes118
Size

21KB
MD5

a80ef49af0369bc248ec7417e5bbdcdd
SHA1

e8cc364d56487b89a33a50f4ab6a2bde69245a6d
SHA256

c32ccdea107e59a11a887628f0b5233e19a48e67bab26576d5ff7ea21dff9e26
SHA512

f9b56d77975e85c42e8ca63ff0eb39c50e07494206632aaf2ace0078e3b34b40d7addf8910c1a581d227239cfa9a4c3bc05ff944fa242e5cd2a2b0582d09af51
SSDEEP

384:w2EFs/05LMs0q6IaRZUcF9CSlGMU5IzDlGYSp+z:w2OsCLMs0qfoZUcF9jmslGYZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a80ef49af0369bc248ec7417e5bbdcdd_JaffaCakes118

Files

a80ef49af0369bc248ec7417e5bbdcdd_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1c861fa10af2b3c883c6e298f5d3676c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
ExitThread
CreateThread
CreateMailslotA
CreateWaitableTimerA
EnumDateFormatsA
FindAtomA

msvcrt

wcschr
wcslen
tanh
wcstod
strpbrk
setbuf
rewind

Sections

.text
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE