d9950e3e11d48f8194d84155d857e35a_JaffaCakes118 | Triage

Sharing

General

Target

d9950e3e11d48f8194d84155d857e35a_JaffaCakes118
Size

71KB
MD5

d9950e3e11d48f8194d84155d857e35a
SHA1

afd7787b104d343db4a4419fd2ec13c3f27bb893
SHA256

ee3ba7a6f837acdce737c91a455d114920a2ab4a7f4cbaeb55ef254e7a0a69be
SHA512

7b945ada935979ed7297c36335ffb5ab7fd1e9189edeab6dd4750fe615734ce2db05fd5cccd992ff2e3efbcb1d02232db5e8fd867f3feab7d15eb8953dde100a
SSDEEP

1536:3ww3fqxnXxqdbPZcjkH3wayLjqgoAV1Qu4oK6/9bUPLBy8A6ICVuVDLcKTtX3lk:3L3f0BqdbxcjkhyPB1QiF9bUty76VuFo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9950e3e11d48f8194d84155d857e35a_JaffaCakes118

Files

d9950e3e11d48f8194d84155d857e35a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1aa589df88accbc2cb09bb57f5ce558d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
strcmp
_exit
fprintf
_onexit
fwrite
__getmainargs
__p__commode
strncmp
_except_handler3
malloc
sin
__set_app_type
fputs
_acmdln
_write
free
strlen
_XcptFilter
__setusermatherr
_initterm
fclose
exit
fopen

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ