a99dc6f9f423504320a354773e769060_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a99dc6f9f423504320a354773e769060_JaffaCakes118
Size

9KB
MD5

a99dc6f9f423504320a354773e769060
SHA1

0d3b1c388b31b1ec489a2748ad6aed11af488c91
SHA256

46861915cb6afa2df78212d44cb793546f10ed654df9d428986cd3b659770261
SHA512

1bfc624d08d289b8c0c0e2ac6cce9634c715bb2ed32636bdaf93cb4fc17142b0fd206dd824c5be6adb1a48b5154ed179ed66360472adfb55859dea94e1dfd40a
SSDEEP

48:agq9H9MrcpKg+ivYdtLQFdZzu5phYkZf8BJOOQZEt40tMFpYjn0dblTBbrbkkp3u:K2Td1IHzYYp//QZEtftcDzTZbf3gPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a99dc6f9f423504320a354773e769060_JaffaCakes118

Files

a99dc6f9f423504320a354773e769060_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ecf2137cae5123efb92a993b214dca62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
SetErrorMode
GetVolumeInformationW
GetModuleHandleA
GetProcAddress
HeapReAlloc
HeapAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
GetProcessHeap

advapi32

CryptAcquireContextA

ws2_32

getprotobyname

Sections

cWolIeCu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

zbJaMQqQ
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ujPYZXcz
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ