ab3ecf6e115852c3e9334e956440f307_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab3ecf6e115852c3e9334e956440f307_JaffaCakes118
Size

33KB
MD5

ab3ecf6e115852c3e9334e956440f307
SHA1

5255639f7199b1ca7d3c9847143c7a9804d5b406
SHA256

b906114731eff6f6e44b1c1a6e9690f1edadadd642ee8c80842942526022e1dc
SHA512

0a47f02041a3530f49f1d4a425462770aeabd632466e7c7f100844c2f989ce74145c1102b847b6dcb0fe7e6ab1f3b8462c883ca3a70f9dcdf7cc854e0466c32c
SSDEEP

768:BfzpU+eV1w5x9HJTnb/lkQfpelR0xanU2fmJ1e1wCMUFE9UAmWaldLrQrh7gaZQ4:xxeV16fK5gb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab3ecf6e115852c3e9334e956440f307_JaffaCakes118

Files

ab3ecf6e115852c3e9334e956440f307_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9dcb7edd1d952e9ecc3c6be36c1c450c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

strcpy
??3@YAXPAX@Z
strtok
_vsnprintf
strncpy
strstr
memcpy
strcmp
strchr
_except_handler3
malloc
_callnewh
__dllonexit
exit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strcat
__CxxFrameHandler
atoi
srand
memset
rand
sprintf
strlen
_onexit

kernel32

GetTickCount
GetStartupInfoA
LoadLibraryA
GetProcAddress
ExitProcess
lstrcmpiA
GetModuleHandleA
Sleep

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ