Static task
static1
Behavioral task
behavioral1
Sample
da4e2a79022e659d2f3659a44d533ffb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
da4e2a79022e659d2f3659a44d533ffb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
da4e2a79022e659d2f3659a44d533ffb_JaffaCakes118
-
Size
26KB
-
MD5
da4e2a79022e659d2f3659a44d533ffb
-
SHA1
c55e0bf410f01eda1532b370b85fca34c2b2418d
-
SHA256
6e49463fe04b7611b86ec70ed4c78395ec5829a41a7e3ab9f19ab0486914cf9b
-
SHA512
00d9014dfabb0751d9a0d3ae0ec3923c77518b65378d9b4156ec937b5ed4c871d71991217d6e047f03eec6e03a75639642ecc91aeb5cc77eea96b4767651e7fb
-
SSDEEP
384:4dvlHKFymBPLz4E8Miqis9QlcffyqGes:4hlqFvTV8CisKl4qR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
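Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate executables are also unsigned; weigh it together with the other static and behavioral findings.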
resource da4e2a79022e659d2f3659a44d533ffb_JaffaCakes118
Files
-
da4e2a79022e659d2f3659a44d533ffb_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c3806debfe7e73ec12cb6bb2dd256ff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr71
_errno
fwrite
memcpy
strlen
fopen
fprintf
_iob
rename
remove
fclose
fflush
strchr
free
fread
malloc
perror
fgets
strrchr
strcpy
exit
fseek
setbuf
sprintf
freopen
_stricmp
_chdir
??2@YAPAXI@Z
strtok
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_stat
_strdup
_mkdir
_dup2
strcat
kernel32
GetStartupInfoA
GetTempPathA
GetTempFileNameA
GetModuleHandleA
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
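.data Size: 10KB - Virtual size: 1.0MB (the flags below mark this section as both writable and executable, and its virtual size is far larger than its size on disk; this combination is atypical for a compiler-generated data section and is often associated with packed or self-modifying code, so it merits closer inspection)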
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE