Static task: static1
Behavioral task: behavioral1
Sample: ba47986812381f64938d22fc55d2c6e9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ba47986812381f64938d22fc55d2c6e9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ba47986812381f64938d22fc55d2c6e9_JaffaCakes118
Size: 15KB
MD5: ba47986812381f64938d22fc55d2c6e9
SHA1: bef907777b251e58eccef942aff0a1a6f7ef1035
SHA256: 5b4fec2ec25e488c8c377a7fe3ad90cf1affda5a053a6a44eea13ca6b98cad9c
SHA512: 53f5c9a6160b01c1b44195756ff05b28c6a5523f7e690de431b2d255e75ee451b1fe9bd7f9132517346ea5f1726ab1ae1ff68e55471cf0052030a1837c00b5c8
SSDEEP: 192:z9VkB275Z5f+CrSlQPw3PCPxOP4a7uAEQUfS0eNkOwEnL:z9N75ZcCBPJ8P44Px0sL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba47986812381f64938d22fc55d2c6e9_JaffaCakes118
Files
ba47986812381f64938d22fc55d2c6e9_JaffaCakes118.exe windows:1 windows x86 arch:x86
2d446f52c96ee79f64e595119ada650d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FormatMessageA
GetLastError
LocalFree
RtlUnwind
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
crtdll
_iob
__GetMainArgs
exit
fgets
fopen
fprintf
memcpy
raise
signal
vfprintf
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 88B - Virtual size: 88B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 312B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 672B - Virtual size: 672B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE