b72b4f39662219ebe93669a9da3774da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b72b4f39662219ebe93669a9da3774da_JaffaCakes118
Size

26KB
MD5

b72b4f39662219ebe93669a9da3774da
SHA1

0c706359b8b64ddd5f3418a41c45c6e8fef46872
SHA256

6c4028e4201c704b9f5aae4f10944ef72db49c16f2c99a41256cea676d1ba51f
SHA512

c74b704c9963ff1b22eb73fbf4c632f32edf9247ab4b0e9d0998b0edc057a90b5cc1765f416be903c0f30d89a1e73e5b70f3f43c279b62b78ba77bca5334bfec
SSDEEP

384:J6akhORR3mgNH7uAoIqvDQqllen5IR/2l6DwiSs1x47lqBX/:JFb3mgNbuAorDble+OliSO+pqBX/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72b4f39662219ebe93669a9da3774da_JaffaCakes118

Files

b72b4f39662219ebe93669a9da3774da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec4b8b2b6e4019a989fa73d21db72c15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
LoadLibraryA
CreatePipe
VirtualLock
GlobalGetAtomNameA
GetStartupInfoA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ