b8e897a3e3198670c241e579e20a5de7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e897a3e3198670c241e579e20a5de7_JaffaCakes118
Size

170KB
MD5

b8e897a3e3198670c241e579e20a5de7
SHA1

e1e815787172f4559036d8be388243936833d300
SHA256

3d1e6f8fa7bfc567d8615605af28d06acbd73ad5cf2580ea480d2c1519320083
SHA512

f536dec717eecb6257e09c8a5a103775c0e857a8936ce8686ba9446a5b8772d206179354f533d05acce16d2d9b27399d0a36f9d43a3b39da1a9d319bfe49da81
SSDEEP

3072:fcjpdsds5/dKGEs8iqFN514mZjQtbsXfhyySM8sxmKgvERMj9A:fc6s5/dKGEsAomh82f0yS+xmKgvERq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8e897a3e3198670c241e579e20a5de7_JaffaCakes118

Files

b8e897a3e3198670c241e579e20a5de7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc4a9c14328bdafd97e5cca189781979

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
__p__fmode
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcpy

kernel32

CopyFileA
GetComputerNameA
DeleteFileA
GetVersion
GetFileAttributesA
CreateDirectoryA
VirtualAlloc
GetModuleHandleA
GetProcAddress
GetStartupInfoA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE