ac7558c0206464e1906660214b7cec90_JaffaCakes118 | Triage

Sharing

General

Target

ac7558c0206464e1906660214b7cec90_JaffaCakes118
Size

77KB
MD5

ac7558c0206464e1906660214b7cec90
SHA1

950ef5624113af1950e44d7d3bf27aa9bf145ac9
SHA256

cbbbc306cccd22e4e54eaa3c419862473858ed2026793301ae6fb95a9f2d580f
SHA512

baa5d1f3fd0010034db6fe43d1db7e0b7c988bb7caa48bc3689cc1ad98e0a81fe70194d98e8110e5fe8867f2b3b55ebe9862485095b3b2b3390e787a2edecefe
SSDEEP

1536:U4yRbnrdKOyyyQKv5nz2KGqdmz4hylU6T6FmENQn:U16OpyQK5nBGlshylU6T6AEen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac7558c0206464e1906660214b7cec90_JaffaCakes118

Files

ac7558c0206464e1906660214b7cec90_JaffaCakes118
.exe windows:5 windows x86 arch:x86

673e661de0d04f93ce3922b4372d79c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Obnubilate\Temp\9not98vj5osnqvq99ctcj37jr7\Stub.pdb

Imports

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
exit
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
fopen
fseek
ftell
malloc
fread
fclose
memset
memcpy
??2@YAPAXI@Z
__p__fmode
??3@YAXPAX@Z

kernel32

VirtualAlloc
VirtualProtect
IsBadReadPtr
CreateThread
WaitForSingleObject
ExitProcess
LoadLibraryA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
FindResourceExA
GetStartupInfoA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ