d18cf9c64d5cb79306e74fd1e2b15175_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d18cf9c64d5cb79306e74fd1e2b15175_JaffaCakes118
Size

181KB
MD5

d18cf9c64d5cb79306e74fd1e2b15175
SHA1

e96d6a303502d1c36bad25aebf70b4fe3ac7c5d6
SHA256

3a61205f398d4c30760db4c851053d70a3ccecd40a90f638e1744cd4484f4b6b
SHA512

6aaaedceea5ba7816701b5f834ef5d22ec605822d55ad547a08b7781ced9bf5f6650319e20185c36057032f32127485b52673acfa39243a5e906a424739bf839
SSDEEP

3072:pOPg+2Fwb13GbuzrY1duNZSBCt718d/Rdd8dB5N0tL9Y9:kcu1VsCNZSBCtp8d5ddcT038

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d18cf9c64d5cb79306e74fd1e2b15175_JaffaCakes118

Files

d18cf9c64d5cb79306e74fd1e2b15175_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc0be04ac55bfe9cbc0d08745179ec11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcat
strcpy
memcpy

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
IsBadReadPtr
GetCurrentThread
UnmapViewOfFile
GetCurrentProcess
GetSystemDirectoryA
LoadLibraryA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
CloseHandle
VirtualProtect

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ