Static task: static1
Behavioral task: behavioral1
Sample: c8589dd4b6049a63b2480361a3cc6683_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c8589dd4b6049a63b2480361a3cc6683_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c8589dd4b6049a63b2480361a3cc6683_JaffaCakes118
Size: 24KB
MD5: c8589dd4b6049a63b2480361a3cc6683
SHA1: 044bfa46d16bccc7ba750b94bcb593b897e2c813
SHA256: 65bf7e3c343d1d2e8429d2259a2df7c4bf9057c2b77d61024789c3660e2b57c4
SHA512: ae57daee45dc25f8ed9d9b5f571929b4f6bf6ef152038cde8b4a49db03779a1000e9efdc669542ec609c227dfec8f741965bc8957ef2c2f88030f52d24a7fa47
SSDEEP: 192:fcMVHenduqVar6qsiVdq/6wsEsAMZwXmF15EP1oyl:fdV+ndu+ua6wzL2wXmF61
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c8589dd4b6049a63b2480361a3cc6683_JaffaCakes118
Files
c8589dd4b6049a63b2480361a3cc6683_JaffaCakes118.exe windows:4 windows x86 arch:x86
8779bf65f9326767111c2f1390e8382f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetModuleHandleA, GetLastError, SetLastError, GetProcAddress, Sleep, ExitProcess, GetCommandLineA, CreateThread, FreeLibrary, GlobalFree, CloseHandle, GlobalAlloc, GetStartupInfoA
advapi32: RegQueryValueExA, RegCloseKey, RegOpenKeyA
msvcrt: strstr, _exit, _XcptFilter, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _controlfp, _except_handler3
Sections
.text Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 908B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE