bae93ef8af50a5bbed9c452fa3e2901e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bae93ef8af50a5bbed9c452fa3e2901e_JaffaCakes118
Size

7KB
MD5

bae93ef8af50a5bbed9c452fa3e2901e
SHA1

7d4fac66b799c4135698e0ce35afbd29ca9be57c
SHA256

44d09628c4b62be232ccd11923e80d92048b6f2265be8379c42186571ed7da53
SHA512

f03a4bf005cb117b60f51429c02613c4682c959ae7343d057f59795537fdeba7920f78d0dc58f5259a5d30f6a630e2a9174e68da6be40e3c022fbf0c72bcc45c
SSDEEP

96:fk/GGJz7bmpknPzDnT8W80klgLvfCi+4jikvi86:n6zDnTx80klgzCi+4jiku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bae93ef8af50a5bbed9c452fa3e2901e_JaffaCakes118

Files

bae93ef8af50a5bbed9c452fa3e2901e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ac34d76911108a2e24299af03874a25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
SetEnvironmentVariableA
CreateFileA
ReadFile
GetEnvironmentVariableA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetExitCodeProcess
GetModuleHandleA
CloseHandle

msvcrt

strchr
_XcptFilter
__p__commode
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
strtok
exit
_acmdln

core40

ord205

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE