adb2ff6c2d16f3159b9e0c3b02b26187_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adb2ff6c2d16f3159b9e0c3b02b26187_JaffaCakes118
Size

86KB
MD5

adb2ff6c2d16f3159b9e0c3b02b26187
SHA1

829d20a092d1770f085f9274296569e31829cbe6
SHA256

febf4c8f97699040e1db75e905c10fcaf8e0fb6dd0e8ef294e649edb97d8df10
SHA512

8a13e86586abbfc601c84847940f4843cd80341137af896dd66c5487e248a2363e6832fcda4e3b6a57abbe32ce581d4074744c69568dfa4b9c93a2ccead44519
SSDEEP

1536:aGL3lnn3y+EYllsRgZVloIC1nq0AmEV0dDZKAv/ldQVHSJiDQaG6oLAZRt:JVnuYllsioIC1nNsV+xnLQVwaGLAZRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adb2ff6c2d16f3159b9e0c3b02b26187_JaffaCakes118

Files

adb2ff6c2d16f3159b9e0c3b02b26187_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7b1c989595e6d91661d019a062010d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
_fileno
_XcptFilter
malloc
__getmainargs
__p__fmode
fprintf
__set_app_type
_acmdln
__setusermatherr
time
free
_exit
_adjust_fdiv
_strdup
puts
longjmp
_except_handler3
_getcwd
_flsbuf
cos
_initterm
__p__commode
sprintf
wcscat

kernel32

VirtualProtect
Sleep
GetModuleHandleW
GetStartupInfoA
RemoveDirectoryA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ