d9ebf3c544ee6f0d4fa47b8152972648_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9ebf3c544ee6f0d4fa47b8152972648_JaffaCakes118
Size

28KB
MD5

d9ebf3c544ee6f0d4fa47b8152972648
SHA1

f32891a00058cd8007e025a09e0b1efbffbd6c55
SHA256

b7b0a1ad13266a39ff122113420944260aa41ce5be6a0d210701e7a2503ff022
SHA512

dfd7c53162040cb60b5b4ba176b2669c87916ccd28b5f8d97e34e795fa41ab69b59004ccdad91bc74e69f6ff6f2f107edf320687843399425454657d4c4b8738
SSDEEP

768:vsP5+wKuF7ghYU0uG9sTjMEXhp0tUmDaeX:khtKa02U0uG9sTjMEXhp0tUm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9ebf3c544ee6f0d4fa47b8152972648_JaffaCakes118

Files

d9ebf3c544ee6f0d4fa47b8152972648_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da8c544215b0c8bdaba25895af02736c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
GetModuleHandleA
GetStartupInfoA

user32

TranslateMessage
CreateWindowExA
ShowWindow
RegisterClassExA
PostQuitMessage
DefWindowProcA

msvcrt

_exit
_controlfp
??3@YAXPAX@Z
strchr
??2@YAPAXI@Z
sprintf
rand
__CxxFrameHandler
atol
_except_handler3
fwrite
fopen
srand
time
fclose
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ