d2e071a29e4e6b5c08f642f5af0fccd4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2e071a29e4e6b5c08f642f5af0fccd4_JaffaCakes118
Size

17KB
MD5

d2e071a29e4e6b5c08f642f5af0fccd4
SHA1

fa73fdac3239b69168db5e2f52f3006c16a1cf36
SHA256

ab3e9444ca499bbff10aabc35d617707c35d50205827198456dfd863152aa919
SHA512

072549cc4741ac06c4471f334b97b012c6824e4920df0fbcd6eddbf8774e006d92d753412c58dcf789706b17b9d37b5356b5c7e46fa6021cf7ad6db81258565d
SSDEEP

384:fZiU7+eLM7nYrF2maoDONndkET6BknG1NFTlZ3uO:fZi0M7nKF2qDCndkJeOFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2e071a29e4e6b5c08f642f5af0fccd4_JaffaCakes118

Files

d2e071a29e4e6b5c08f642f5af0fccd4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c4eeafe1c53c498fcd6c506539c65558

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atof
atoi
_CIsinh
_wexecl
_wfopen

kernel32

ExitProcess
GetTapeStatus
GetThreadContext
GetThreadTimes
GetPrivateProfileIntA
GetProcAddress

Sections

.text
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE