c86545764990128ca659a963180d3c14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c86545764990128ca659a963180d3c14_JaffaCakes118
Size

79KB
MD5

c86545764990128ca659a963180d3c14
SHA1

afcafe35c8a074d0b3f008c5e8b44601577b3c56
SHA256

b77fe53fd5a800fa297f327a41610838167dc558e1dd2a49abf05d56b9d255c5
SHA512

4ee46baba4b63034d55d6e175564a8cce6fa7a2f5d688a3694a527c04b45e06e1a2f022a85641f221775b55a1e3a908124e4309716a373b24c442aa9c6efc2cc
SSDEEP

1536:3sRAfJmigCLYysmq1z4OXtphRkegXhLXAs/KV/VsQA:3sL03ZeHXtphRgxL3KV/VsQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c86545764990128ca659a963180d3c14_JaffaCakes118

Files

c86545764990128ca659a963180d3c14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fcc47e7ef5ec962fc69bc7e1dcaa4e91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
__p__commode
strlen
strcmp
free
_acmdln
__set_app_type
sin
_exit
strchr
fputs
_stricmp
__getmainargs
fopen
__setusermatherr
_onexit
_initterm
_except_handler3
fclose
fwrite
malloc
_adjust_fdiv
exit
fprintf

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ