c87279e7aac0f09aedc72aaf5b2e5e4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c87279e7aac0f09aedc72aaf5b2e5e4b_JaffaCakes118
Size

28KB
MD5

c87279e7aac0f09aedc72aaf5b2e5e4b
SHA1

3066a3cef254a9d2397bde697704c26b8ef9541a
SHA256

5964c6dea84e0d3def0c93ed754331ba8d5d822e305d234eff18b201f469bad0
SHA512

22c82aafa1bdfd8e7095e4440aca83dcbea47e57949f1a09a8557cfa9c363e6b8170b59c14a113f31357918310d2a8ed52e12f0da2d7fab25b5eec125b8b539b
SSDEEP

384:KX2Spl3Y6FDgpemGoer9SSqK/rWy6PzXc01juVlFKwAHbvT2oer9SSqK/rWy6Pz+:g3xhgU0CSSDaXdF+lFqXCSSDaXdF+lFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87279e7aac0f09aedc72aaf5b2e5e4b_JaffaCakes118

Files

c87279e7aac0f09aedc72aaf5b2e5e4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c16a98f1cb57faf4af8d5041671605b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

utl60

ord28
ord55
ord54
ord29

upd60

ord27
ord49
ord48
ord56
ord44
ord43

core40

ord199

user32

MessageBoxA

kernel32

GetModuleHandleA
GetStartupInfoA
GlobalAlloc
GetModuleFileNameA
GlobalUnlock
GlobalFree
GlobalLock

msvcrt

sprintf
_XcptFilter
memset
strcpy
strlen
_exit
__p__commode
_adjust_fdiv
_controlfp
_except_handler3
strcmp
__set_app_type
exit
__p__fmode
_initterm
__getmainargs
__p__acmdln
__setusermatherr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE