d6da3c102db3aea396f3a27f621107de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6da3c102db3aea396f3a27f621107de_JaffaCakes118
Size

110KB
MD5

d6da3c102db3aea396f3a27f621107de
SHA1

c2e3fcb2b2e06d7068a075a37c3681d6d31c0045
SHA256

06b4e4dc5414a682973d1d95516b19b477f21583db993084b19ca32b57680d89
SHA512

5cd9100eb0cdeb12179447e11e2c361a839096bf19962624db9e3b7ea05523280cbad7831e09c7386ee2523750443df1bf88546993a1e0bafd66bf9c9311395e
SSDEEP

3072:NVD4WRo5/hjn/31oRFAo9NPSPEn8lLJG/Tl+pDK8nb:NVD3Rq/hTOWq/Tydb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6da3c102db3aea396f3a27f621107de_JaffaCakes118

Files

d6da3c102db3aea396f3a27f621107de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01f41340ed3b57a401217b985b0d1b18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_initterm
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
__set_app_type
_exit

kernel32

GetModuleHandleA
OpenFile
GetProfileStringA
GetProcessWorkingSetSize
GetStartupInfoA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ