Static task: static1
Behavioral task: behavioral1
Sample: b8215c9c00438c3e7e86958b41ea28bc_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: b8215c9c00438c3e7e86958b41ea28bc_JaffaCakes118
Size: 91KB
MD5: b8215c9c00438c3e7e86958b41ea28bc
SHA1: 82c7fe29cb4c82814da7a76bf6c2f9f7c5216a6b
SHA256: 8aaba0faf7018e11519a668b83bb2831e21d6614c26d74a6cc9991d8243d7df2
SHA512: 0e1fc6bdccb79cb817f7dd79696bb3cf9df95e6be6928b89780c0ef15c9a3539628377c11d7e8619033f91533dda82f3721e4776917321bb35bef3498070eb69
SSDEEP: 1536:dtxeZk5V3VcMKUPs+dpeUtLZ1xo7SevDrqQoqAtv9+wbhj8:nxvV/KT+dp5LnJMnRUtIw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8215c9c00438c3e7e86958b41ea28bc_JaffaCakes118
Files
b8215c9c00438c3e7e86958b41ea28bc_JaffaCakes118.exe windows:5 windows x86 arch:x86
6a4986c3205d6cec342763c0d2e3e92c
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt:
  _acmdln
  __getmainargs
  _initterm
  __setusermatherr
  _adjust_fdiv
  __p__commode
  exit
  __set_app_type
  _except_handler3
  _controlfp
  _XcptFilter
  _exit
  strstr
  strcpy
  strcat
  ??3@YAXPAX@Z
  ??2@YAPAXI@Z
  free
  malloc
  __p__fmode
  memcpy
kernel32:
  GetCurrentProcess
  CreateThread
  WaitForMultipleObjects
  CloseHandle
  VirtualAlloc
  VirtualFree
  LoadLibraryA
  GetProcAddress
  GetModuleHandleA
  GetStartupInfoA
Sections
.text Size: 15KB - Virtual size: 14KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 828B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 73KB - Virtual size: 72KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 774B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ