bd146320a8ffcb91ec0ab8a9af6ace7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd146320a8ffcb91ec0ab8a9af6ace7f_JaffaCakes118
Size

26KB
MD5

bd146320a8ffcb91ec0ab8a9af6ace7f
SHA1

cbd0d7333e452a5aa1146e7bcc3cc7ce5cd2577b
SHA256

004e35ce090f88feb42864a0c04601fd37df3891365ae39ff7fd3f6acb0b11c8
SHA512

b6b780662f654fc34c4ed237bc9ec8863e4feda783094607360a8b8de27cbb498778ec4cce379d09cea0bced101cb318fc2adcaf4a293ce5d2b54ac87e327ab3
SSDEEP

384:AP5lAccccccccccccccccccccccccccccccccccccccccccccccccccccccccccb:Axlh7UTyiWywQsrEfjX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd146320a8ffcb91ec0ab8a9af6ace7f_JaffaCakes118

Files

bd146320a8ffcb91ec0ab8a9af6ace7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a037995ac562bb496a45101b15e416fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
CreateEventA
GetLastError
LocalFree
GlobalAlloc
GetStartupInfoA
lstrlenA
lstrcatA
GetCommandLineA
GlobalFree
lstrcpyA

msvcrt

_exit
__getmainargs
rand
__p__fmode
__CxxFrameHandler
_XcptFilter
memmove

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ