d00e2f845455527ed7d8dd58dd4bfe98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d00e2f845455527ed7d8dd58dd4bfe98_JaffaCakes118
Size

29KB
MD5

d00e2f845455527ed7d8dd58dd4bfe98
SHA1

60d26c5eaa92e71aebf1bc8b4dff53a0603a45fd
SHA256

7cfe4649525a6db16798c2a1d314fb8eb1c8ac2f04cd899dcf545f3f1ffff65a
SHA512

4ba88ef262e9e3bcc2b40518c6cde2b93f005058da6c5e376c607fe2f3c985952d0f768ef24659f7a1f366171aa40f05f943d1d0bcd176c58cc144581f813a74
SSDEEP

768:LwA3Sf2l1fNmKtL3Fp4xW1KE0eHCcCXLVujGZg9dOXn7pG+7D:LhSfwmKtT4xW4ErHCc4LHZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d00e2f845455527ed7d8dd58dd4bfe98_JaffaCakes118

Files

d00e2f845455527ed7d8dd58dd4bfe98_JaffaCakes118
.exe windows:5 windows x86 arch:x86

084b44332633bdd1235c6fd2d63f037c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

nss3

PR_Now

vcruntime140

memcpy

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

fgets

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-conio-l1-1-0

_getch

Sections

.MPRESS1
Size: 25KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE